Created
January 31, 2019 16:58
-
-
Save poiriersimon/a444a41476ed2f441872373e84d92c50 to your computer and use it in GitHub Desktop.
Check if some IP or ip range are included in SPF Records
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $IpsToCheck = @("40.107.67.0","104.47.612.0","52.100.146.0","40.107.0.0","104.47.0.0","52.100.0.0") | |
| $domain = "spf.protection.outlook.com" | |
| #A better approach would be to validate if the domain is user in a primary email address | |
| $IpMissing = @() | |
| foreach($IpToCheck in $IpsToCheck){ | |
| $DNS = Resolve-DnsName -Type TXT -Name $domain |where{$_.Strings -like "*v=spf1*"} | |
| if($DNS.strings -like "*$($IpToCheck)*"){ $DNS.strings | |
| }elseif($DNS.strings -like "*include:*"){ | |
| foreach($include in $($dns.Strings.split(" ")| where {$_ -like "include:*"})){ | |
| $tDns = Resolve-DnsName -Type TXT -Name $($include.split(":")[-1]) | |
| if($tDNS.strings -like "*$($IpToCheck)*"){$tDNS.strings } | |
| } | |
| } | |
| $IpMissing += $IpToCheck | |
| } | |
| $IpMissing |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment