I can use dig to get the full master file output of DNS info, and for my problem I am interested in the information in the "additional" section:
```
$ dig example.com
; <<>> DiG 9.9.4-RedHat-9.9.4-61.el7_5.1 <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36588
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 2
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com. IN A
;; ADDITIONAL SECTION:
example.server.com. 60 IN SOA need.to.know.only. hostmaster.spamhaus.org. 1542300481 60 60 432000 60
;; Query time: 1 msec
;; SERVER: xxx.xxx.xxx.xxx#53(xxx.xxx.xxx.xxx)
;; WHEN: Thu Nov 15 11:53:41 EST 2018
;; MSG SIZE rcvd: 161
```
This is an easy way I can know that my RPZ is blocking the domain via Spamhaus. I want to provide an easy method for anyone on any operating system to get at this information. Unfortunately the only tool that seems to be everywhere is nslookup, and I cannot seem to give it an option that will return that info in a single command line run. In *nix, I would do:
```
dig +noall +additional example.com
```
If the SOA record says "need.to.know.only.", that is my confirmation.
How can I do this in Windows (or really, one command that will work on any operating system)?
EDIT:
- I realize I can use the interactive mode of nslookup and set debugging option, but that is too much info for a non-technical person to weed through.
- I am also open to using a web page to do the lookup, but it is critical that that web page use MY DNS servers, because that is where the block is happening.
Per your edit, it sounds like you can see what you are looking for with the "debug" option, but you don't want to use interactive mode. You can still get this with a single command:
It looks like there is no single command that will run on EVERY operating system, but I could break it down like this:
But since I already know at that point that I am on a *nix box, I could just say:
Again, the idea is to make a single check a non-technical user could run and see a clean answer to the question.
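A check that does not depend on dig or nslookup, as an added example that is not part of the original posts: it sends one A query straight to the RPZ resolver and looks for an SOA whose MNAME is `need.to.know.only.` in the ADDITIONAL section of the reply. It assumes Python 3 is available; the function names and the resolver address passed to `check()` are hypothetical.

```python
import socket
import struct

RPZ_MNAME = "need.to.know.only."  # SOA MNAME the question treats as the block marker
TYPE_A, TYPE_SOA, CLASS_IN = 1, 6, 1
def build_query(name, qid=0x1234):  # minimal RFC 1035 A query, RD set, no EDNS
    header = struct.pack("!6H", qid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.strip(".").split("."))
    return header + qname + b"\x00" + struct.pack("!2H", TYPE_A, CLASS_IN)

def read_name(msg, off):  # -> (dotted name, offset just past the name)
    labels, end, hops = [], None, 0
    while True:
        n = msg[off]
        if n & 0xC0 == 0xC0:  # compression pointer: jump, remember where we left
            end = off + 2 if end is None else end
            off = ((n & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 32:
                raise ValueError("compression pointer loop")
        elif n == 0:  # root label terminates the name
            return ".".join(labels) + ".", (off + 1 if end is None else end)
        else:
            labels.append(msg[off + 1:off + 1 + n].decode("ascii", "replace"))
            off += 1 + n

def additional_soa_mnames(msg):  # MNAME of each SOA in the ADDITIONAL section only
    _, _, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    off = 12
    for _ in range(qd):  # skip QNAME + QTYPE + QCLASS
        off = read_name(msg, off)[1] + 4
    found = []
    for i in range(an + ns + ar):
        off = read_name(msg, off)[1]  # owner name
        rtype, _, _, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_SOA and i >= an + ns:  # an ordinary NXDOMAIN SOA sits in AUTHORITY
            found.append(read_name(msg, off)[0])
        off += rdlen
    return found

def is_rpz_blocked(msg):
    return RPZ_MNAME in (m.lower() for m in additional_soa_mnames(msg))

def check(domain, server, timeout=3.0):  # server: IP of the RPZ-enabled resolver (assumption)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_query(domain), (server, 53))
        return is_rpz_blocked(s.recvfrom(4096)[0])
```

Call `check("example.com", "<resolver IP>")` with the address of the resolver that applies the RPZ; it returns `True` when the marker SOA is present.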