search

dotBATmanNO / PSGet-Domain-MailInfo

PowerShell script to get domain mail info and control status such as MX, SPF, DKIM, DMARC and StartTLS.
GNU General Public License v3.0
12 stars 2 forks source link

Add scoring to output #4

Open dotBATmanNO opened 4 years ago

dotBATmanNO commented 4 years ago

Use a CSV file to define the score to give, this allows for customization by user.

Combine existence of records with strength of records to give total score.

SPF Qualifier | Policy   | Protection
-----------------------------------
+all          | Pass     | None
~all          | Softfail | Weak
-all          | Fail     | Strong

SPF, DKIM and DMARC existence could score as shown below:

SPF_DKIM_DMARC      | Protection
-------------------------------------
False, False, False | None
False, False, True  | None
False, True, False  | Weak
False, True, True   | Weak
True, False, False  | Weak
True, False, True   | Strong
True, True, False   | Strong
True, True, True    | Strong
FrankSchuurman68 commented 3 years ago
SPF DKIM DMARC SUM Protection
0 0 1 1 none
0 2 0 2 weak
0 2 1 3 weak
3 0 0 3 weak
3 0 1 4 strong
3 2 0 5 strong
3 2 1 6 strong

Maybe giving it a value makes it easier.

 $ProtectionLevel = $dominfoSPF + $dominfoDMARC + $dominfoDKIM
 if ($ProtectionLevel -le 1) {$ProtectionLevel = "None"} 
 elseif ($ProtectionLevel -eq 2) {$ProtectionLevel = "Weak"}  
 elseif ($ProtectionLevel -eq 3) {$ProtectionLevel = "Weak"}  
 elseif ($ProtectionLevel -ge 4) {$ProtectionLevel = "Strong"}
   If ($dominfoSPFDet) 
   { 
     $dominfoSPF = 3
     if ($dominfoSPFDet -like '*+all*') { $dominfoQualifier = 0 } 
     elseif ($dominfoSPFDet -like '*~all*') {$dominfoQualifier = 1 } 
     elseif ($dominfoSPFDet -like '*-all*') {$dominfoQualifier = 2 }
    } 
    else 
    { 
      $dominfoSPF = $dominfoSPFDet = 0 
    }
 $ProtectionLevel = $dominfoSPF + $dominfoDMARC + $dominfoDKIM
 if ($ProtectionLevel -le 1) {$ProtectionLevel = "None"} 
 elseif ($ProtectionLevel -eq 2) {$ProtectionLevel = "Weak"}  
 elseif ($ProtectionLevel -eq 3) {$ProtectionLevel = "Weak"}  
 elseif ($ProtectionLevel -ge 4) {$ProtectionLevel = "Strong"}

 $ProtectionStrength = $dominfoQualifier
 if ( $ProtectionStrength -eq 0) { $ProtectionStrength = "None"} 
 elseif ( $ProtectionStrength -eq 1) { $ProtectionStrength = "Weak"}  
 elseif ( $ProtectionStrength -eq 2) { $ProtectionStrength = "Strong"}
 $row.ProtectionLevel = $ProtectionLevel
 $row.ProtectionStrength = $ProtectionStrength

Could maybe smarter.