Hey there! So, this is a PowerShell script that gets the accepted domains in a Microsoft 365 tenant. After that, it checks for SPF, DKIM and DMARC DNS records for each domain and returns a report on the status of these records. As of right now, it only grabs the default domain, but it can easily be modified to get all domains.
If any of the DNS records are missing, the script will prompt you to generate a CSV file with the missing DNS records. For usability the CSV is loaded into the clipboard and can be posted in a spreadsheet. The CSV file can be used as a reference to add the missing DNS records to the domain’s DNS zone.
The script also checks the DKIM signing configuration for each domain, and if it’s disabled, it prompts the user to enable it.
Overall, this script helps Exchange Online admins ensure that their tenant’s DNS records are correctly configured for SPF, DKIM and DMARC, and prompts them to fix any missing records. It’s a handy tool for anyone who manages an Exchange Online environment and wants to ensure that their organization’s email is secure and reliable.
