知乎專欄 | 多維度架構 | 微信號 netkiller-ebook | QQ群:128659835 請註明“讀者” |
目錄
從主域開始查看 txt 記錄
neo@netkiller:~$ nslookup -type=txt 163.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: 163.com text = "v=spf1 include:spf.163.com -all" Authoritative answers can be found from:
找到 spf.163.com 域名,再查看它的 txt 記錄
neo@netkiller:~$ nslookup -type=txt spf.163.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: spf.163.com text = "v=spf1 include:a.spf.163.com include:b.spf.163.com include:c.spf.163.com include:d.spf.163.com -all" Authoritative answers can be found from:
一次查看 a.spf.163.com ~ d.spf.163.com 幾個域名
neo@netkiller:~$ nslookup -type=txt a.spf.163.com Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: a.spf.163.com text = "v=spf1 ip4:220.181.12.0/22 ip4:220.181.31.0/24 ip4:123.125.50.0/24 ip4:220.181.72.0/24 ip4:123.58.178.0/24 ip4:123.58.177.0/24 ip4:113.108.225.0/24 ip4:218.107.63.0/24 ip4:123.58.189.128/25 -all" Authoritative answers can be found from:
這樣就可以獲得163.com所有郵件伺服器的IP地址
下面我們使用 dig 演示此過程
neo@netkiller:~$ dig -t txt google.com ; <<>> DiG 9.9.5-11ubuntu1.2-Ubuntu <<>> -t txt google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55272 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;google.com. IN TXT ;; ANSWER SECTION: google.com. 3599 IN TXT "v=spf1 include:_spf.google.com ~all" ;; Query time: 40 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Wed Feb 24 11:12:01 HKT 2016 ;; MSG SIZE rcvd: 87 neo@netkiller:~$ dig -t txt _spf.google.com ; <<>> DiG 9.9.5-11ubuntu1.2-Ubuntu <<>> -t txt _spf.google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24347 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;_spf.google.com. IN TXT ;; ANSWER SECTION: _spf.google.com. 299 IN TXT "v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all" ;; Query time: 45 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Wed Feb 24 11:12:07 HKT 2016 ;; MSG SIZE rcvd: 160 neo@netkiller:~$ dig -t txt _netblocks.google.com ; <<>> DiG 9.9.5-11ubuntu1.2-Ubuntu <<>> -t txt _netblocks.google.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59355 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;_netblocks.google.com. IN TXT ;; ANSWER SECTION: _netblocks.google.com. 3599 IN TXT "v=spf1 ip4:64.18.0.0/20 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:207.126.144.0/20 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all" ;; Query time: 42 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Wed Feb 24 11:12:13 HKT 2016 ;; MSG SIZE rcvd: 304