Retrieve Email DNS records using PowerShell

I have been doing a lot of Exchange on-prem to Exchange Online migrations the last few years, because of that I use a lot for querying of MX, SPF, DMARC and DKIM records. Wouldn’t it be convenient to get a simple overview of those records in a PowerShell function? This blogpost will show you how 🙂

How it works

PowerShell has a built-in cmdlet for retrieving DNS records, Resolve-DnsName. With this you can query records and specify what DNS server to connect to and what type of record (A, CNAME, MX, NS etc.) to retrieve. The Get-MailDomainInfo function that I made uses this cmdlet and shows you the information that you need to get a good overview of the servers and options being used for a specific domain. By default it connects to the (CloudFlare) DNS server but you can specify another one by using the -DNSServer parameter.

Example output

In the screenshot below the output is shown for

If you specify a domain which can’t be found, it will show an error message:

If the domain does exist, but does not have all records or services configured… It will return ‘Not enabled’ for those, in this example for my own domain it only returns the Domain Name, the autodiscover and the DKIM records seem to be there by default on a WordPress site? (I used the -DNSserver parameter here to specify another DNS server in this example)

The script

Below is the script which you can save and use as a function in all your PowerShell sessions by adding it to your profile (notepad $profile) by using . c:\data\Get-MailDomainInfo.ps1 for example.

function Get-MailDomainInfo {
        [parameter(Mandatory = $true)][string]$DomainName,
        [parameter(Mandatory = $false)][string]$DNSserver
    #Use DNS server when parameter DNSserver is not used
    if (-not ($DNSserver)) {
        $DNSserver = ''

    #Retrieve all mail DNS records
    $autodiscoverA = (Resolve-DnsName -Name "autodiscover.$($domainname)" -Type A -Server $DNSserver -ErrorAction SilentlyContinue).IPAddress
    $autodiscoverCNAME = (Resolve-DnsName -Name "autodiscover.$($domainname)" -Type CNAME -Server $DNSserver -ErrorAction SilentlyContinue).NameHost
    $dkim1 = Resolve-DnsName -Name "selector1._domainkey.$($domainname)" -Type CNAME -Server $DNSserver -ErrorAction SilentlyContinue
    $dkim2 = Resolve-DnsName -Name "selector2._domainkey.$($domainname)" -Type CNAME -Server $DNSserver -ErrorAction SilentlyContinue
    $domain = Resolve-DnsName -Name $DomainName -Server $DNSserver -ErrorAction SilentlyContinue
    $dmarc = (Resolve-DnsName -Name "_dmarc.$($DomainName)" -Type TXT -Server $DNSserver -ErrorAction SilentlyContinue).Strings
    $mx = (Resolve-DnsName -Name $DomainName -Type MX -Server $DNSserver -ErrorAction SilentlyContinue).NameExchange
    $spf = (Resolve-DnsName -Name $DomainName -Type TXT -Server $DNSserver -ErrorAction SilentlyContinue | Where-Object Strings -Match 'v=spf').Strings

    #Set variables to Not enabled or found if they can't be retrieved
    #and stop script if domainname is not valid 
    $errorfinding = 'Not enabled'
    if ($null -eq $domain) {
        Write-host $DomainName not found -ForegroundColor Red

    if ($null -eq $dkim1 -and $null -eq $dkim2) {
        $dkim = $errorfinding
    else {
        $dkim = "$($dkim1.Name) , $($dkim2.Name)"

    if ($null -eq $dmarc) {
        $dmarc = $errorfinding

    if ($null -eq $mx) {
        $mx = $errorfinding

    if ($null -eq $spf) {
        $spf = $errorfinding

    if (($autodiscoverA).count -gt 1) {
        $autodiscoverA = $errorfinding

    if ($null -eq $autodiscoverCNAME) {
        $autodiscoverCNAME = $errorfinding

    $info = [PSCustomObject]@{
        'Domain Name'             = $DomainName
        'Autodiscover IP-Address' = $autodiscoverA
        'Autodiscover CNAME '     = $autodiscoverCNAME
        'DKIM Record'             = $dkim
        'DMARC Record'            = $dmarc
        'MX Record(s)'            = $mx -join ', '
        'SPF Record'              = $spf
    return $info

Download the script(s) from GitHub here

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.