Last active
August 2, 2023 15:21
-
-
Save Rugby-Ball/2ae82a324bcf44cb2f461be06b266283 to your computer and use it in GitHub Desktop.
Check a list of domains for SPF, DKIM, and DMARC entries #AWS #Utility #Inventory #Security #Public #email
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Install-Module -name DomainHealthChecker # Only needed if you don't already have the Module installed | |
import-module -name DomainHealthChecker | |
$all = @() | |
#You need the DKIM selector to pull the correct DKIM record. | |
$urls_check = @( [pscustomobject]@{'domain'="domain0.com";'dkim_selector'="s6840"}, | |
[pscustomobject]@{'domain'="domain1.com";'dkim_selector'="cast717"} | |
) | |
$runon = Get-date -Format "MM/dd/yyyy HH:mm tt K" | |
foreach ($url in $urls_check) { | |
#There is a bug in Invoke-SpfDkimDmarc, v1.6 where it only uses `dkim` as a selector value, so need to use the Get-DKIMRecord cmdlet so you can use the DKIM Selector. | |
$all += Invoke-SpfDkimDmarc -Name $url.domain | Select-Object @{N = "Run-On";E = {$runon}},Name, SPFRecord, DMARCRecord, @{n= "DKIM_Selector";e= {$url.dkim_selector} }, @{N = "DKIM_Record";E = { ((Get-DKIMRecord -Name $url.domain -DkimSelector $url.dkim_selector).dkimrecord )} } | |
} | |
$all | sort-object name | clip # replace clip with pbcopy for MacOS - Copies output to clipboard | |
<# | |
################################################################################ | |
# # As an alternative, if you want to run this against all of your RT53 HostedZones, this will poll all of them (Public and Private) and output the details. However because of the DKIM bug, it will only used `dkim` as the selector. | |
#Install-Module -name DomainHealthChecker # Only needed if you don't already have the Module installed | |
import-module -name DomainHealthChecker | |
$all = @() | |
$urls_check = Get-R53HostedZoneList | |
foreach ($url in $urls_check) { | |
$all += Invoke-SpfDkimDmarc -Name $url.name | Select-Object @{ name="HostedZoneID";e={$url.id.substring(12)} }, Name , SPFRecord, DMARCRecord, DKIMRecord | |
} | |
$all | sort-object name | Format-Table -AutoSize -Wrap | clip # replace clip with pbcopy for MacOS - Copies output to clipboard | |
#> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment