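I need to check the IP addresses of the mail servers from a list of domains to see whether they match a certain IP address. Specifically:

  1. Build the list of domains I want to query
  2. Dig the MX records for each domain
  3. Dig the A records of the MX record query results for the IP addresses
  4. If any IP matches a specific IP, return "yes" or "no"

I'm stuck on step 3.

Here is the relevant part of my script so far: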

#!/bin/bash
# Bulk DNS Lookup
#
# File name/path of domain list:
domain_list='domains.txt' # One FQDN per line in file.

# File name of output text
output='ns_output.txt'

# Clears previous output
> $output

# IP address of the nameserver used for lookups:
ns_ip='192.168.250.67'
#
# Seconds to wait between lookups:
loop_wait='1' # Is set to 1 second.

for domain in `cat $domain_list` # Start looping through domains
do
    echo $domain "Mail servers" >> $output
    MX=$(dig @$ns_ip MX $domain +short) #query MX records from domain list and store it as variable $MX
    echo $MX >> $output;
    echo " " >> $output
    echo " " >> $output
    sleep $loop_wait # Pause before the next lookup to avoid flooding NS
done;

The problem is that I don't know how to turn the output into a variable so that I can run another dig for the A records.

c****s.com Name Servers
c****s.com. 14400 IN NS ns1.a****l.com. yes

c****s.com Mail servers
10 mail.c*****s.com. 20 mail2.c****s.com.

Is there a way to query the results to return the IP address of each server returned by the MX query?

Edit: I tried everyone's answers, and while they would all work, I found Gilles' the easiest to implement. Here is my final code:

    MX=$(dig @$ns_ip MX $domain +short) #query MX records from domain list and store it as variable $MX
    arr=( $MX ) #creates array variable for the MX record answers
    for ((i=1; i<${#arr[@]}; i+=2)); #since MX records have multiple answers, for loop goes through each answer
      do
        echo ${arr[i]} >> $output; #outputs each A record from above MX dig
        dig A +short "${arr[i]}" >> $output #queries A record for IP and writes answer
        MX_IP=$(dig A +short "${arr[i]}") #sets IP address from the dig to variable MX_IP
        if [[ "${arr[i]}" == *"a****d"* ]] #if the mail server host name contains a***d
          then
            echo "yes - spam filter" >> $output
          else
          if [[ $MX_IP == $CHECK_IP ]] #if not, check to see if the mail server's IP matches ours.
            then
              echo "yes - mail server"  >> $output
            else
              echo "no" >> $output
          fi
        fi
      done

Here is sample output (domain names and IPs censored out of paranoia):

a***l.com Mail servers  lastmx.a****d.net. 
85.x.x.x 
209.x.x.x
95.x.x.x yes - spamfilter
....
mail.b***c.com.
72.x.x.x yes - mail server

backup.b***c.com.
50.x.x.x no

mail2.b***c.com.
50.x.x.x no

Answer 1

The way to go:

arr=( $MX )
for ((i=1; i<${#arr[@]}; i+=2)); do dig A +short "${arr[i]}"; done

Output:

108.177.15.26
209.85.233.27
172.253.118.27
108.177.97.26
173.194.202.26

Answer 2

Of course, dig and BIND are not the only tools in existence.

With Daniel J. Bernstein's djbdns toolset, this is just a simple one-liner:

%cat domains.txt
freebsd.org.
%
%xargs dnsmx < domains.txt | sed -E -e 's/[[:digit:]]+ //' | xargs dnsip
96.47.72.85
96.47.72.80
%

Further reading

  • Daniel J. Bernstein (1999). dnsmx. DJBwares.
  • Daniel J. Bernstein (1999). dnsip. DJBwares.

Answer 3

The following command will return only a list of hostnames (it strips the weight and the trailing period):

MX_HOSTS=$(dig MX google.com +short | sed 's/.* \(.*\)\.$/\1/')

Then you can run a for loop over it:

for h in ${MX_HOSTS} ; do
  MX_IPS="${MX_IPS} $(dig $h +short)"
done

And test:

[[ "${MX_IPS}" =~ "${CHECK_IP}" ]] && echo "yes" || echo "no"
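
An added example, not part of any of the posts on this page: the full MX-to-A check from the question's four steps, comparing each returned address as a whole line so that hosts with several A records are covered and an address that merely contains the target is not counted. The function names (`lookup_mx`, `lookup_a`, `mx_hosts`, `check_domain`) and the `mxcheck.sh` file name are hypothetical; the only external commands are `dig` and `grep`.

```bash
#!/usr/bin/env bash
# Added example (not from the posts above): does any MX host of a domain
# resolve to a given IP? Function names here are hypothetical.

# Thin wrappers around dig so canned data can be substituted when testing offline.
lookup_mx() { dig +short MX "$1"; }
lookup_a()  { dig +short A "$1"; }

# stdin: "dig +short MX" lines such as "10 mail.example.com."
# stdout: one host name per line, trailing dot removed.
# Lines without a numeric preference and the null MX "0 ." (RFC 7505) are skipped.
mx_hosts() {
  while read -r mh_pref mh_host mh_rest; do
    case $mh_pref in ''|*[!0-9]*) continue ;; esac
    case $mh_host in ''|.) continue ;; esac
    printf '%s\n' "${mh_host%.}"
  done
}

# check_domain DOMAIN IP -> prints "yes" if any A record of any MX host equals IP.
check_domain() {
  cd_want=$2
  [ -n "$cd_want" ] || { echo no; return 0; }
  # Collect every address of every MX host, one per line.
  cd_ips=$(lookup_mx "$1" | mx_hosts |
    while read -r cd_host; do lookup_a "$cd_host"; done) || true
  # -F literal, -x whole line: 192.0.2.10 must not match 192.0.2.100.
  if printf '%s\n' "$cd_ips" | grep -Fxq -- "$cd_want"; then
    echo yes
  else
    echo no
  fi
}

# Usage: ./mxcheck.sh domains.txt 192.0.2.10
if [ "$#" -eq 2 ]; then
  while read -r domain; do
    printf '%s %s\n' "$domain" "$(check_domain "$domain" "$2")"
  done < "$1"
fi
```
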

Answer 4

Made some changes to it to resolve the MX record URL instead of the IP, but I figured I'd share in case anyone else benefits.

#!/usr/bin/env bash
# Bulk DNS Lookup

# File name/path of domain list:
domain_list='domains.txt' # One FQDN per line in file.

# File name of output text
output='ns_output.txt'

# Clears previous output
> $output

# IP address of the nameserver used for lookups:
ns_ip='192.168.85.54'
#
# Seconds to wait between lookups:
loop_wait='1' # Is set to 1 second.

for domain in `cat $domain_list` # Start looping through domains
  do
    MX=$(dig @$ns_ip MX $domain +short) #query MX records from domain list and store it as variable $MX
    #echo $MX >> $output;
    #echo $domain >> $output;
    arr=( $MX ) #creates array variable for the MX record answers
    echo ${arr[1]} >> $output; #outputs only one record from above MX dig
    
    : '
    for ((i=1; i<${#arr[@]}; i+=2)); #since MX records have multiple answers, for loop goes through each answer
      do
        #echo $domain >> $output;
        echo ${arr[i]} >> $output; #outputs each A record from above MX dig
        #dig A +short "${arr[i]}" >> $output #queries A record for IP and writes answer
      done
    '

  done;
