Loading controls...

Control: MX records should not contain IP address

Description

As per RFC 1035, an MX records must point to a host which itself can be resolved in the DNS. An IP address could not be used as it would be interpreted as an unqualified domain name, which cannot be resolved.

Usage

Run the control in your terminal:

steampipe check net_insights.control.dns_mx_not_contain_ip

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share net_insights.control.dns_mx_not_contain_ip

Plugins & Tables

net_dns_record

Params

Args	Name	Default	Description	Variable
$1	domain_names	`["github.com","microsoft.com"]`	DNS domain names.	domain_names

SQL

with domain_list as (
  select
    distinct domain
  from
    net_dns_record
  where
    domain in (
      select
        jsonb_array_elements_text(to_jsonb($1 :: text [ ]))
    )
),
mx_record_with_ip as (
  select
    domain,
    count(*)
  from
    net_dns_record
  where
    domain in (
      select
        domain
      from
        domain_list
    )
    and type = 'MX'
    and (
      select
        target ~ '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}'
    )
  group by
    domain
)
select
  d.domain as resource,
  case
    when i.domain is null then 'ok'
    else 'alarm'
  end as status,
  case
    when i.domain is null then d.domain || ' MX records do not contain IP addresses.'
    else 'At least 1 MX record in ' || d.domain || ' contains an IP address.'
  end as reason
from
  domain_list as d
  left join mx_record_with_ip as i on d.domain = i.domain;

turbot/net_insights

Control: MX records should not contain IP address

Description

Usage

Plugins & Tables

Params

SQL

Steampipe

Resources

Community