# get-dkimselectors # # This script retrieves the DKIM selectors used in the last 10 messages sent by the current user. param ( [int64]$top=100000, [string]$internaldomain = "msxfaq.de", [string]$csvfile = ".\output\dkimselectors-$(Get-Date -Format 'yyyyMMddHHmmss').csv" ) Write-Host "Get-DKIMSelectors Start" Write-Host " MaxItems: $($top)" Write-Host " OutputCSV: $($csvfile)" if (!(Get-Module Microsoft.Graph)) { Write-Host "Microsoft.Graph module not found. Installing..." -ForegroundColor Yellow Install-Module Microsoft.Graph -Scope CurrentUser -Force } else { Write-Host "Microsoft.Graph module found." -ForegroundColor Green } if ((Get-MgContext).scopes -notcontains "Mail.Read") { Write-Host "# Verbinden mit meinem eigenen Postfach. Consent für Graph muss ggfls. durch Admin erfolgen" Connect-MGGraph -Scopes Mail.Read } else { Write-Host "Already connected to Microsoft Graph" Write-Host " Username: $(Get-MgContext).account)" Write-Host " Scopes : $(Get-MgContext).scopes -join ', ')" -ForegroundColor Green } mkdir -Force -Path ".\output" $result = @{} Write-Host "Start loading messages" $totalcount = 0 $externalcount = 0 $dkimcount = 0 #-Filter "sentDateTime ge $($(Get-Date).AddDays(-30).ToString(""o""))" ` #-Filter "$($(Get-Date).AddDays(-30).ToString(""yyyy-mm-ddThh:mm:ss""))Z" ` # -Filter "not(endswith(/emailAddress/address,'@example.com'))" ` # -Filter "sentDateTime ge $($(Get-Date).AddDays(-30).ToString(""yyyy-MM-ddTHH:mm:ssZ"")) and endswith(from/emailAddress/address,'someuser@example.com')" ` Get-MgUserMessage ` -UserId ((Get-MgContext).account) ` -Property "From,Subject,InternetMessageHeaders" ` -Filter "sentDateTime ge $($(Get-Date).AddDays(-30).ToString(""yyyy-MM-ddTHH:mm:ssZ""))" ` -Top $top ` | foreach-object { $totalcount++ Write-host "Message ($totalcount)" -nonewline if ($_.From.EmailAddress.Address -eq $null) { Write-Host "From email null. Skip" -ForegroundColor Magenta return } if ($_.From.EmailAddress.Address.endswith("@$($internaldomain)")) { Write-Host "internal message from $($internaldomain). Skip" -ForegroundColor Magenta return } $externalcount++ $dkimHeader = $_.internetMessageHeaders | Where-Object { $_.Name -eq "DKIM-Signature" } if ($dkimHeader) { $dkimcount++ Write-Host "DKIM" -ForegroundColor Green -NoNewline foreach ($entry in $dkimheader) { $entryvalue = $entry.value Write-debug "$($entryvalue)" # D= extrahieren, Domain of DKIM Signature $d=$null if ($entryvalue -match "d=([^;]+)") { Write-host "D" -ForegroundColor Magenta -NoNewline $d = $Matches[1] } # S= extrahieren Selector of DKIM Signature $s=$null if ($entryvalue -match "s=([^;]+)") { Write-host "S" -ForegroundColor Magenta -NoNewline $s = $Matches[1] } # a= extrahieren, Algorithm of DKIM Signature $a=$null if ($entryvalue -match "a=([^;]+)") { Write-host "E" -ForegroundColor Magenta -NoNewline $a = $Matches[1] } if ($d -and $s) { Write-host "A" -ForegroundColor Magenta -NoNewline $resultentry= [PSCustomObject]@{ Mailnr = $totalcount From = $_.from.EmailAddress.address.split("@")[-1] Domain = $d Selector = $s Encryption = $a } $resultentry | export-csv $csvfile -Append -NoTypeInformation $key = $resultentry.From + $resultentry.Domain + $resultentry.Selector if ($result.ContainsKey($key)) { Write-Host "S" -ForegroundColor Gray -NoNewline } else { $result[$key] = @($resultentry) Write-Host "`n Added Domain $($resultentry.Domain) with Selector $($resultentry.Selector)" -ForegroundColor Cyan -NoNewline } } } } Write-Host " Done" } Write-Host "Done loading messages. Found $($result.Count) unique DKIM selectors." -ForegroundColor Green Write-Host "Total messages processed : $totalcount" Write-Host "External messages processed : $externalcount" Write-Host "Messages with DKIM signatures: $dkimcount" $result.Values | Format-Table -AutoSize