How to check for Mail Exchange servers for any Domain using `nslookup`

How to check for Mail Exchange servers for any Domain using `nslookup`

The ‘nslookup‘ utility can be used to check for the specific Mail Exchange servers for any domain/subdomain. There are two ways to go about this;

nslookup-mx-domain

 

[METHOD 1] :: NON-INTERACTIVE MODE

For our case, the StartPage (startpage.com) Mail servers can be obtained by running the following command on Terminal;

nslookup -type=mx website.tld

where “mx” is short for mail exchange.

nslookup -type=mx startpage.com

 

The result of this command is a list of all Mail Exchangers for the associated domain. The results are;

Server: 10.19.0.1
Address: 10.19.0.1#53

Non-authoritative answer:
startpage.com mail exchanger = 10 alt4.aspmx.l.google.com.
startpage.com mail exchanger = 1 aspmx.l.google.com.
startpage.com mail exchanger = 5 alt1.aspmx.l.google.com.
startpage.com mail exchanger = 5 alt2.aspmx.l.google.com.
startpage.com mail exchanger = 10 alt3.aspmx.l.google.com.

Authoritative answers can be found from:

The above command “nslookup -type=mx startpage.com“, is one of two ways you can obtain information on mail exchangers using ‘nslookup‘, referred to as the non-interactive mode.

[METHOD 2] :: INTERACTIVE MODE

The other method that can be used is the interactive mode. To use it, type in “nslookup” on Terminal. A right angle bracket, “>” appears implying that nslookup is waiting for an input to query records. For the above case, you can perform the same Mail exchange server search as;

nslookup 
> set type=mx
> startpage.com

 

You get the same results as above. Below is the output:

;; communications error to 10.19.0.1#53: timed out
Server: 10.19.0.1
Address: 10.19.0.1#53

Non-authoritative answer:
startpage.com mail exchanger = 10 alt4.aspmx.l.google.com.
startpage.com mail exchanger = 1 aspmx.l.google.com.
startpage.com mail exchanger = 5 alt1.aspmx.l.google.com.
startpage.com mail exchanger = 5 alt2.aspmx.l.google.com.
startpage.com mail exchanger = 10 alt3.aspmx.l.google.com.

Authoritative answers can be found from:
>

The utility “nslookup” however, does not exit, but rather waits for your next input. You can end the session using a keyboard interrupt (Ctrl + C).

 

How to check for Mail Exchange servers for any Domain using `nslookup`
Recon | thetqweb