mirror of
https://gitlab.com/simple-nixos-mailserver/nixos-mailserver.git
synced 2024-12-29 12:30:34 +05:00
Add check-mail-domain-dns script
This script does some checks on the domain name DNS configuration. It still lacks the DKIM and DMARC checks.
This commit is contained in:
parent
7788eccc24
commit
54a4d5d4f7
57
scripts/check-mail-domain-dns.sh
Executable file
57
scripts/check-mail-domain-dns.sh
Executable file
@ -0,0 +1,57 @@
|
|||||||
|
#!/usr/bin/env nix-shell
|
||||||
|
#!nix-shell -i bash --pure
|
||||||
|
#!nix-shell -p host
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
if [ $# -ne 3 ];
|
||||||
|
then
|
||||||
|
echo "This script checks the DNS configuration of your mail domain"
|
||||||
|
echo "Usage: $0 DOMAIN FQDN SERVER_IP"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
export DOMAIN=$1
|
||||||
|
export FQDN=$2
|
||||||
|
export SERVER_IP=$3
|
||||||
|
|
||||||
|
echo "Check '${DOMAIN}' as a DNS MX entry for '${FQDN}'"
|
||||||
|
if ! host -t MX "${DOMAIN}" | grep -q -e "${DOMAIN} mail is handled by .* ${FQDN}";
|
||||||
|
then
|
||||||
|
echo "Error: MX configuration is not correct"
|
||||||
|
host -t MX "${DOMAIN}"
|
||||||
|
exit 2
|
||||||
|
else
|
||||||
|
echo ok
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Check '${FQDN}' resolves to '${SERVER_IP}'"
|
||||||
|
IP=$(host "$FQDN" | grep "has address" | cut -d" " -f4)
|
||||||
|
if [ "${IP}" != "${SERVER_IP}" ];
|
||||||
|
then
|
||||||
|
echo "Error: $FQDN should resolve to '${SERVER_IP}' (and not '$IP')"
|
||||||
|
exit 2
|
||||||
|
else
|
||||||
|
echo "ok"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Check the reverse dns entry for '${SERVER_IP}' point to the address of '${FQDN}'"
|
||||||
|
DN=$(host "$SERVER_IP" | cut -d" " -f5)
|
||||||
|
RDN=$(echo "${DN}" | xargs host | grep "has address" | cut -d" " -f4)
|
||||||
|
if [ "${SERVER_IP}" != "${RDN}" ];
|
||||||
|
then
|
||||||
|
echo "Error: reverse DNS is not correctly configured"
|
||||||
|
exit 2
|
||||||
|
else
|
||||||
|
echo "ok"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "Check SPF is configured for ${DOMAIN}"
|
||||||
|
SPF=$(host -t TXT "${DOMAIN}")
|
||||||
|
if echo "${SPF}" | grep -q -e "v=spf1 .*+a:${FQDN}" || echo "${SPF}" | grep -q -e "v=spf1 .*ip4:${SERVER_IP}";
|
||||||
|
then
|
||||||
|
echo "ok"
|
||||||
|
else
|
||||||
|
echo "Error: SPF is not correctly configured"
|
||||||
|
echo " SPF TXT record: ${SPF}"
|
||||||
|
fi
|
Loading…
Reference in New Issue
Block a user