Home/ Questions/Q 7855605
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-02T20:26:16+00:00

I am using a csv file to nslookup each domain in the first column

  • 0

I am using a csv file to nslookup each domain in the first column of my file.
What I am doing is checking if domains in my domains list match my servers.
Does the domain’s MX records point to my server?
Does the domain’s nameservers match my nameservers?

Right now I have a setup sort of working. Im searching stdout for my server IPs/hosts/etc. If they match, or not, I write something.

However if an MX record points to a sub domain of itself its not enough to determine if that alone is one of my IPs. This is what Im doing now:

Eg nslookup:

$ nslookup -type=MX mydomain.com
Server:     192.168.1.1
Address:    192.168.1.1#53

Non-authoritative answer:
mydomain.com    mail exchanger = 10 mail.mydomain.com.
Authoritative answers can be found from:
mail.mydomain.com   internet address = 1.2.3.4 # << I seem to think this isn't always present.

current subdomain workaround:

        elif 'mail.' + row[0] in stdout:
                host2ip = socket.gethostbyname('mail.' + row[0])
                newdata = [host2ip]
                writer.writerow(row + newdata)

But what if the domain is using mx = mail2.mydomain.com or any other subdomain/A-Record the above fails.

What would be better is to use the output (mail.domain.com or mail2.mydomain.com or whatever) and write it to the row (or as before I’ll socket.gethostbyname( value ))

Ive not managed to find another way of what I’d like to do. Online searches have mostly pointed at using the entire stdout to append with. Where I’d like to search the stdout for ‘mail exchanger =’ ### and use the text proceding the mx priority, or, mail.mydomain.com

entire python

#!/usr/bin/python
#

import datetime
import csv
import os, time
import socket
from stat import * # ST_SIZE etc
from subprocess import Popen, PIPE, STDOUT

# Set Date
now = datetime.datetime.now()
today = now.strftime("%m-%d-%Y")

# Files
original = "dns_list.csv"
results = "results/dns_results_" + today + ".csv" #dns_results_04-14-2012.csv
tempfile = results + ".tmp"

# Commands
mxscan = "nslookup -type=MX"
nsscan = "nslookup -type=NS"
ascan = "nslookup -type=A"
digserver = "8.8.8.8"
SP = " "

incsv = open(original, 'rb')
try:
    reader = csv.reader(incsv)

    outcsv = open(tempfile, 'wb')
    try:
        writer = csv.writer(outcsv)

        for row in reader:
            p = Popen(mxscan + SP + row[0] + SP + digserver, shell=True, stdin=PIPE, stdout=PIPE, stderr=PIPE)
            stdout, empty = p.communicate()

            print 'Command: %s\nOutput: %s\n' % (mxscan + SP + row[0] + SP + digserver , stdout)


            if not stdout or 'find Zone: NXDOMAIN' in stdout: # 'Zone' is column header
                newdata = ['mail exchange']
                writer.writerow(row + newdata)
            elif 'psmtp.com' in stdout:
                    newdata = ['Postini']
                    writer.writerow(row + newdata)
            elif 'mail.' + row[0] in stdout:
                    host2ip = socket.gethostbyname('mail.' + row[0])
                    newdata = [host2ip]
                    writer.writerow(row + newdata)
            else:
                newdata = ['External Email']
                writer.writerow(row + newdata)


    finally:
        outcsv.close()
finally:
    incsv.close()


original = tempfile
incsv = open(original, 'rb')
try:
    reader = csv.reader(incsv)
    outcsv = open(results, 'wb')
    try:
        writer = csv.writer(outcsv)

        for row in reader:
            p = Popen(nsscan + SP + row[0], shell=True, stdin=PIPE,stdout=PIPE, stderr=PIPE)
            stdout, empty = p.communicate()

            print 'Command: %s\nOutput: %s\n' % (mxscan + SP + row[0],stdout)

            if not stdout or 'find Zone: NXDOMAIN' in stdout:
                newdata = ['A records', 'Action']
                writer.writerow(row + newdata)
            elif 'nameserver = dauth1.mydomain.com' in stdout or 'nameserver = dauth2.mydomain.com' in stdout:
                    newdata = ['dauth1/2']
                    writer.writerow(row + newdata)
            elif 'nameserver = ns1.mydomain.com' in stdout or 'nameserver = ns2.mydomain.com' in stdout:
                    newdata = ['ns1/2']
                    writer.writerow(row + newdata)
            else:
                newdata = ['External DNS', 'Delete/Charge']
                writer.writerow(row + newdata)

    finally:
        outcsv.close()
finally:
    incsv.close()


print "Writing changes to new file...."
time.sleep(1)
os.remove(tempfile)
print "Complete! Your new file is located at /root/mxscan/" + results

Any thoughts?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This is not answering your question about parsing stdout but I think it will help with your problem in general.

    Check out the dnspython module. The first example provided should help you clean up your MX queries a bit.

    import dns.resolver

answers = dns.resolver.query('dnspython.org', 'MX')
for rdata in answers:
    print 'Host', rdata.exchange, 'has preference', rdata.preference

    You could then perform lookups of rdata.exchange and compare it to the hostname or ip addresses that belong to you.

    answers = dns.resolver.query(rdata.exchange)
[a.address for a in answers]

    UPDATE:
    Not sure why you would want to raise a NXDOMAIN exception yourself but this is a way to handle them.

    try:
    answers = dns.resolver.query('bogus.test.for.nxdomain')
except dns.resolver.NXDOMAIN:
    print "NXDOMAIN exception caught."
else:
    print "What?  Maybe my query is going to a 'helpful' server" \
          "that resolves non-existant dns queries to its own server."
    print "Add a filter for the ip address(s) we just got."
    print list(answers)
    • 0