public/Get-DKIMRecord.ps1
|
<#> HelpInfoURI 'https://github.com/T13nn3s/Show-SpfDkimDmarc/blob/main/public/CmdletHelp/Get-DKIMRecord.md' #> # Load private functions Get-ChildItem -Path $PSScriptRoot\..\private\*.ps1 | ForEach-Object { . $_.FullName } function Get-DKIMRecord { [CmdletBinding()] param( [Parameter( Mandatory = $True, ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, HelpMessage = "Specifies the domain for resolving the DKIM-record." )][string[]]$Name, [Parameter(Mandatory = $False, HelpMessage = "Specify a custom DKIM selector.")] [string]$DkimSelector, [Parameter(Mandatory = $false, HelpMessage = "DNS Server to use.")] [string]$Server ) begin { # Determine OS platform try { Write-Verbose "Determining OS platform" $OsPlatform = (Get-OsPlatform).Platform } catch { Write-Verbose "Failed to determine OS platform, defaulting to Windows" $OsPlatform = "Windows" } # Linux or macOS: Check if dnsutils is installed if ($OsPlatform -eq "Linux" -or $OsPlatform -eq "macOS") { Test-DnsUtilsInstalled } Write-Verbose "Starting $($MyInvocation.MyCommand)" $PSBoundParameters | Out-String | Write-Verbose if ($PSBoundParameters.ContainsKey('Server')) { $SplatParameters = @{ 'Server' = $Server 'ErrorAction' = 'SilentlyContinue' } } Else { $SplatParameters = @{ 'ErrorAction' = 'SilentlyContinue' } } # Custom list of DKIM-selectors # See: https://help.sendmarc.com/support/solutions/articles/44001891845-email-provider-commonly-used-dkim-selectors # See: https://www.reddit.com/r/DMARC/comments/1bffol7/list_of_most_common_dkim_selectors/ $DkimSelectors = @( 'selector1' # Microsoft 'selector2' # Microsoft 'google' # Google Workspace 'everlytickey1' # Everlytic 'everlytickey2' # Everlytic 'eversrv' # Everlytic OLD selector 'k1' # Mailchimp / Mandrill 'k2' # Mailchimp / Mandrill 'mxvault' # Global Micro 'dkim' # Hetzner 'protonmail' # ProtonMail 'protonmail2' # ProtonMail 'protonmail3' # ProtonMail 's1' # Sendgrid / NationBulder 's2' # Sendgrid / NationBuilder 'ctct1' # Constant Contact 'ctct2' # Constant Contact 'sm' # Blackbaud, eTapestry 'sig1' # iCloud 'litesrv' # MailerLite 'zendesk1' # Zendesk 'zendesk2' # Zendesk 'amazonses' # Amazon SES 'zoho' # Zoho Mail / Campaigns 'zohomail' # Zoho Mail 'sfdc' # Salesforce 'hs1' # HubSpot 'hs2' # HubSpot 'pm' # Postmark 'sparkpost' # SparkPost 'sib' # Sendinblue / Brevo 'mailin' # Sendinblue (legacy) 'cm' # Campaign Monitor 'fm1' # Fastmail 'fm2' # Fastmail 'pp' # Proofpoint 'mimecast' # Mimecast 'ces' # Cisco Email Security 'mailgun' # Mailgun 'opentext' # OpenText 'sophos' # Sophos Email 'barracuda' # Barracuda 'default' # GoDaddy / secureserver.net 'dkim1' # cPanel / Exim 'plesk' # Plesk 'yandex' # Yandex Mail ) $DKimObject = New-Object System.Collections.Generic.List[System.Object] } Process { foreach ($domain in $Name) { if ($DkimSelector) { Write-Verbose "Using custom DKIM selector: $DkimSelector" Write-Verbose "Querying DKIM record for $($DkimSelector)._domainkey.$($domain)" if ($OsPlatform -eq "Windows") { $DKIM = Resolve-DnsName -Type TXT -Name "$($DkimSelector)._domainkey.$($domain)" @SplatParameters } elseif ($OsPlatform -eq "macOS" -or $OsPlatform -eq "Linux") { $DKIM = $(dig TXT "$($DkimSelector)._domainkey.$($domain)" +short | Out-String).Trim() $DKIM = $DKIM -split '" "' -join "" $DKIM = ($DKIM -split "`n")[1] } elseif ($OsPlatform -eq "macOS" -or $OsPlatform -eq "Linux" -and $Server) { $DKIM = $(dig TXT "$($DkimSelector)._domainkey.$($domain)" +short NS $PSBoundParameters.Server | Out-String).Trim() $DKIM = $DKIM -split '" "' -join "" $DKIM = ($DKIM -split "`n")[1] } if ($DKIM.Type -eq "CNAME") { Write-Verbose "DKIM record is a CNAME, resolving to TXT record" while ($DKIM.Type -eq "CNAME") { $DKIMCname = $DKIM.NameHost $DKIM = Resolve-DnsName -Type TXT -name "$DKIMCname" @SplatParameters } $DKIM = $DKIM | Select-Object -ExpandProperty Strings -ErrorAction SilentlyContinue if ($null -eq $DKIM) { $DkimAdvisory = "No DKIM-record found for selector $($DkimSelector)._domainkey.$($domain)" } elseif ($DKIM -match "v=DKIM1" -or $DKIM -match "k=") { $DkimAdvisory = "DKIM-record found." } } else { if ($OsPlatform -eq "Windows") { $DKIM = $DKIM | Select-Object -ExpandProperty Strings -ErrorAction SilentlyContinue } if ($null -eq $DKIM) { $DkimAdvisory = "No DKIM-record found for selector $($DkimSelector)._domainkey.$($domain)" } elseif ($DKIM -match "v=DKIM1" -or $DKIM -match "k=") { $DkimAdvisory = "DKIM-record found." } } } else { foreach ($DkimSelector in $DkimSelectors) { Write-Verbose "Querying DKIM record for $($DkimSelector)._domainkey.$($domain)" if ($OsPlatform -eq "Windows") { $DKIM = Resolve-DnsName -Type TXT -Name "$($DkimSelector)._domainkey.$($domain)" @SplatParameters } elseif ($OsPlatform -eq "macOS" -or $OsPlatform -eq "Linux") { $DKIM = $(dig TXT "$($DkimSelector)._domainkey.$($domain)" +short | Out-String).Trim() $DKIM = $DKIM -split '" "' -join "" $DKIM = ($DKIM -split "`n")[1] } elseif ($OsPlatform -eq "macOS" -or $OsPlatform -eq "Linux" -and $Server) { $DKIM = $(dig TXT "$($DkimSelector)._domainkey.$($domain)" +short NS $PSBoundParameters.Server | Out-String).Trim() $DKIM = $DKIM -split '" "' -join "" $DKIM = ($DKIM -split "`n")[1] } if ($DKIM.Type -eq "CNAME") { while ($DKIM.Type -eq "CNAME") { $DKIMCname = $DKIM.NameHost $DKIM = Resolve-DnsName -Type TXT -name "$DKIMCname" @SplatParameters } $DKIM = $DKIM | Select-Object -ExpandProperty Strings -ErrorAction SilentlyContinue if ($null -eq $DKIM) { $DkimAdvisory = "No DKIM-record found for selector $($DkimSelector)._domainkey.$($domain)" } elseif ($DKIM -match "v=DKIM1" -or $DKIM -match "k=") { $DkimAdvisory = "DKIM-record found." break } } else { if ($OsPlatform -eq "Windows") { $DKIM = $DKIM | Select-Object -ExpandProperty Strings -ErrorAction SilentlyContinue } if ($null -eq $DKIM) { $DkimAdvisory = "We couldn't find a DKIM record associated with your domain." } elseif ($DKIM -match "v=DKIM1" -or $DKIM -match "k=") { $DkimAdvisory = "DKIM-record found." break } } } } $DkimReturnValues = New-Object psobject $DkimReturnValues | Add-Member NoteProperty "Name" $domain $DkimReturnValues | Add-Member NoteProperty "DkimRecord" $DKIM $DkimReturnValues | Add-Member NoteProperty "DkimSelector" $DkimSelector $DkimReturnValues | Add-Member NoteProperty "DKIMAdvisory" $DkimAdvisory $DkimObject.Add($DkimReturnValues) $DkimReturnValues } } end {} } Set-Alias gdkim -Value Get-DKIMRecord |