47

Is there a method to find a domain's DKIM and DMARC records using dig or nslookup?

I have attempted to do the following:

dig somedomain.org any

returns many records, but not the known DKIM and DMARC text records.

nslookup -type=txt somedomain.org

returns all the text records known except the DKIM and DMARC records.

grekasius
Evil Genius

5 Answers

65

To query the TXT record for DMARC, you can use:

dig TXT _dmarc.example.org

To query for a particular record for DKIM, you would need to know the selector prefix. You will find it in the s value in an email's DKIM-Signature.

For example:

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;
s=google; t=1615461277;
[…]

You would then query it as TXT:

dig TXT google._domainkey.example.org
Andy
gparent
14

For DKIM records, if you have received a DKIM-signed email from that domain, look at the DKIM-Signature header line(s).

From the spec:

All DKIM keys are stored in a subdomain named _domainkey. Given a DKIM-Signature field with a "d=" tag of example.com and an "s=" tag of foo.bar, the DNS query will be for foo.bar._domainkey.example.com.

So in this example, you can then run:

dig TXT foo.bar._domainkey.example.com

Credit to andol, whose comment led me to this solution.

mpavey
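The two answers above build the query name by hand from the d= and s= tags of a DKIM-Signature header. As an added example (not code from any of the posters), the Python below automates that step and parses the tag=value text that dig prints, including a DKIM key record that comes back as several quoted strings; the header and dig output are constructed samples.

```python
import re

# Constructed sample header, modelled on the one quoted in the accepted answer
# (folded onto two lines the way mail headers usually arrive).
SAMPLE_SIGNATURE = (
    "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.org;\r\n"
    " s=google; t=1615461277;"
)

# Constructed dig output: a long DKIM key comes back as several quoted
# strings, and the p= value here is deliberately truncated.
SAMPLE_DIG_TXT = '"v=DKIM1; k=rsa; " "p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC"'


def parse_tags(value: str) -> dict:
    """Split a tag=value list (DKIM-Signature, DKIM key record, DMARC record)
    into a dict. Folding whitespace inside values is dropped, a trailing ';'
    is tolerated, and only the first '=' splits so values containing '='
    (e.g. a base64 key) survive intact."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            key, val = part.split("=", 1)
            tags[key.strip()] = "".join(val.split())
    return tags


def dkim_query_name(signature_header: str) -> str:
    """RFC 6376 rule quoted in the answer above: the key for d=<domain>,
    s=<selector> is the TXT record at <selector>._domainkey.<domain>."""
    body = re.sub(r"^DKIM-Signature:\s*", "", signature_header, flags=re.I)
    tags = parse_tags(body)
    return f"{tags['s']}._domainkey.{tags['d']}"


def dmarc_query_name(domain: str) -> str:
    """The DMARC policy lives at the fixed _dmarc label under the domain."""
    return f"_dmarc.{domain}"


def join_txt_strings(dig_output: str) -> str:
    """A TXT record longer than 255 bytes is printed by dig as several quoted
    <character-string>s; the record's value is their concatenation."""
    return "".join(re.findall(r'"((?:[^"\\]|\\.)*)"', dig_output))


if __name__ == "__main__":
    print("dig TXT", dkim_query_name(SAMPLE_SIGNATURE))
    print("dig TXT", dmarc_query_name("example.org"))
    print(parse_tags(join_txt_strings(SAMPLE_DIG_TXT)))
```

This is also why `dig somedomain.org any` in the question comes back without these records: they are not at the apex but at the `_dmarc` and `<selector>._domainkey` labels the two helpers compute.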
8

You should use +short with dig to get the DMARC record only.

dig +short TXT _dmarc.domain.com
Talal Al-Khalifa
3

You can directly query the API of the archive.prove.email DKIM registry by POSTing any domain, and get back any known selectors and current/historical DKIM keys, covering over a million DKIM keys! So you wouldn't use dig or nslookup; you'd cURL the API instead. You wouldn't need to know the selector, as they have already tried over 4000 selectors for those domains.

3

Using the Windows built-in tool nslookup

  1. Open Command Prompt (cmd.exe)
  2. Enter nslookup
  3. Enter set type=txt
  4. Enter _dmarc.somedomain.org, replacing somedomain.org with the domain to check

Example:

C:\Users\user>nslookup

Default Server:  localdns
Address:  192.168.1.1

> set type=txt

> _dmarc.somedomain.org

Non-authoritative answer:
_dmarc.somedomain.org text =

    "v=DMARC1; p=none; rua=mailto:postmaster@somedomain.org"

You may use server 8.8.8.8 (Google DNS) before looking up the DMARC TXT record.

Ivan Chau