[SOLVED] What is the best way to find the IP of a domain's primary mail server?

abefroman · 01-19-2015, 10:13 AM

What is the best way to find the IP of a domain's primary mail server?

This command works, but seems a little over complicated:

Code:

host `host -tmx domain.com | awk {'print $6 " " $7'} |sort -n | awk {'print $2'}` |grep address |awk {'print $4'}

AlucardZero · 01-19-2015, 10:55 AM

Not much better:

Code:

dig +short -x PTR $(dig +short MX domain.com | sort -n | head -n1 | awk '{print $2}')

Don't forget that there can be multiple MX records, so I added the 'head -n1'

dijetlo · 01-19-2015, 11:37 AM

I tried this Al, with varying results. It's important to remember you're not actually targeting a mail servers with DNS. More often, the MX and PTR records are directed at a load balancer that shuffles the requests across multiple IPs as part of an SMTP-DOS defense strategy. In effect, you are looking for the Domain IP address that accepts mail for forwarding and there are any number of those and none of the "primary".
Still, great script, it expanded my thinking as far as substitution.