public/Get-SPFRecord.ps1
|
<#>
.HelpInfoURI 'https://github.com/T13nn3s/Show-SpfDkimDmarc/blob/main/public/CmdletHelp/Get-SPFRecord.md' #> function Get-SPFRecord { [CmdletBinding()] param( [Parameter( Mandatory = $True, ValueFromPipeline = $True, ValueFromPipelineByPropertyName = $True, HelpMessage = "Specifies the domain for resolving the SPF-record." )][string]$Name, [Parameter(Mandatory = $false, HelpMessage = "DNS Server to use.")] [string]$Server ) begin { Write-Verbose "Starting $($MyInvocation.MyCommand)" $PSBoundParameters | Out-String | Write-Verbose if ($PSBoundParameters.ContainsKey('Server')) { $SplatParameters = @{ 'Server' = $Server 'ErrorAction' = 'SilentlyContinue' } } Else { $SplatParameters = @{ 'ErrorAction' = 'SilentlyContinue' } } $SpfObject = New-Object System.Collections.Generic.List[System.Object] } Process { $SPF = Resolve-DnsName -Name $Name -Type TXT @SplatParameters | where-object { $_.strings -match "v=spf1" } | Select-Object -ExpandProperty strings -ErrorAction SilentlyContinue $SpfTotalLenght = $SPF.Length if ($SPF -match "redirect") { $redirect = $SPF.Split(" ") $RedirectName = $redirect -match "redirect" -replace "redirect=" $SPF = Resolve-DnsName -Name "$RedirectName" -Type TXT @SplatParameters | where-object { $_.strings -match "v=spf1" } | Select-Object -ExpandProperty strings -ErrorAction SilentlyContinue } if ($null -eq $SPF) { $SpfAdvisory = "Domain does not have an SPF record. To prevent abuse of this domain, please add an SPF record to it." } elseif ($SPF -is [array] -and $SPF[0].Length -eq 255 -and ($SPF[1].Length -gt 1)) { $SpfAdvisory = "Your SPF-record has more than 255 characters. This is explicitly defined in RFC4408" $SpfTotalLenght = $SPF[0].Length + $SPF[1].Length } elseif ($SPF -is [array] -and (($SPF | Where-Object { $_ -like "v=spf1*" }) | Measure-Object | Select-Object -ExpandProperty count) -gt 1) { $SpfAdvisory = "Domain has more than one SPF-record. Only SPF record per domain. This is explicitly defined in RFC4408" } else { switch -Regex ($SPF) { '~all' { $SpfAdvisory = "An SPF-record is configured but the policy is not sufficiently strict." } '-all' { $SpfAdvisory = "An SPF-record is configured and the policy is sufficiently strict." } "\?all" { $SpfAdvisory = "Your domain has a valid SPF record but your policy is not effective enough." } '\+all' { $SpfAdvisory = "Your domain has a valid SPF record but your policy is not effective enough." } Default { $SpfAdvisory = "No qualifier found. Your domain has a SPF record but your policy is not effective enough." } } } } end { $SpfReturnValues = New-Object psobject $SpfReturnValues | Add-Member NoteProperty "Name" $Name $SpfReturnValues | Add-Member NoteProperty "SPFRecord" "$($SPF)" $SpfReturnValues | Add-Member NoteProperty "SPFRecordLenght" "$($SpfTotalLenght)" $SpfReturnValues | Add-Member NoteProperty "SPFAdvisory" $SpfAdvisory $SpfObject.Add($SpfReturnValues) $SpfReturnValues } } Set-Alias gspf -Value Get-SPFRecord |