poiriersimon · January 9, 2019 18:49
diff --git a/Check for EXO SPF.ps1 b/Check for EXO SPF.ps1
 $AcceptedDomains=Get-AcceptedDomain |where {$_.DomainName -notlike "*.mail.onmicrosoft.com"}
 #A better approach would be to validate if the domain is user in a primary email address
 $DomainWithoutSPF = @()
 foreach($AcceptedDomain in $AcceptedDomains){
    $DNS = Resolve-DnsName -Type TXT -Name $AcceptedDomain.DomainName |where{$_.Strings -like "*v=spf1*"}
    if($DNS.strings -like "*include:spf.protection.outlook.com*"){Return
    }elseif($DNS.strings -like "*include:*"){
        foreach($include in $($dns.Strings.split(" ")| where {$_ -like "include:*"})){
            $tDns = Resolve-DnsName -Type TXT -Name $($include.split(":")[-1])
            if($tDNS.strings -like "*include:spf.protection.outlook.com*"){Return}
        }
        
    }
    $DomainWithoutSPF += $AcceptedDomain.DomainName
 }
 $DomainWithoutSPF
	$AcceptedDomains=Get-AcceptedDomain \|where {$_.DomainName -notlike "*.mail.onmicrosoft.com"}
	#A better approach would be to validate if the domain is user in a primary email address
	$DomainWithoutSPF = @()
	foreach($AcceptedDomain in $AcceptedDomains){
	$DNS = Resolve-DnsName -Type TXT -Name $AcceptedDomain.DomainName \|where{$_.Strings -like "v=spf1"}
	if($DNS.strings -like "include:spf.protection.outlook.com"){Return
	}elseif($DNS.strings -like "include:"){
	foreach($include in $($dns.Strings.split(" ")\| where {$_ -like "include:*"})){
	$tDns = Resolve-DnsName -Type TXT -Name $($include.split(":")[-1])
	if($tDNS.strings -like "include:spf.protection.outlook.com"){Return}
	}

	}
	$DomainWithoutSPF += $AcceptedDomain.DomainName
	}
	$DomainWithoutSPF