#get-dmarcinfo # # Script to collect the domains of DMARC recipient mailaddresses from a list of domains # Get the target Domain as parameter or fom a textfile and query them with resolve-dnsname # parse the results and extract the SMTP-Domain of the Addresses # Generate a hashtable with the domains for further processing # # (c) 2025 Frank Carius https://www.msxfaq.de param ( [Parameter(Mandatory = $true, Position = 0,ValueFromPipeline = $true,HelpMessage = "Domainname or list of domains to query for DMARC records")] [string]$Domain ) begin { Write-Verbose "Starting DMARC information retrieval for domains: $($Domains -join ', ')" $count= 0 if (-not $Domain) { Write-Error "No domains provided. Please specify at least one domain." return } } process { $count++ Write-Host "Domain ($count): $domain" try { $dmarcRecord = Resolve-DnsName -Name "_dmarc.$domain" -Type TXT -ErrorAction Stop foreach ($record in $dmarcRecord) { if ($record.Strings -match "v=DMARC1") { $dmarcInfo = [pscustomobject][ordered] @{ Domain = $domain Record = $record.Strings Policy = $null SMTPDomain = $null } $record.Strings.split(";").trim() | ForEach-Object { Write-Verbose "Processing record: $_" if ($_.startswith("p=")) { $dmarcinfo.Policy = $_.replace("p=","").trim() Write-Verbose "Found policy: $Policy" } if ($_.startswith("rua=")) { Write-Verbose "Found rua tag: $_" foreach ($entry in ($_.replace("rua=","").split(","))) { Write-Verbose "Processing entry: $entry" if ($entry.startswith("mailto:")) { Write-Verbose "Found mailto entry: $entry" $smtpDomain = $entry.split("@")[1] $dmarcInfo.SMTPDomain = $smtpDomain $dmarcInfo } } } } } } } catch { Write-Warning "Failed to resolve DMARC record for domain '$domain': $_" } } end { Write-Verbose "DMARC information retrieval completed." }