6

By provider, I mean the provider responsible for mail, e.g. for gmail the provider would be gmail(or/by google) and for microsoft.com it would be outlook(by microsoft).

Basically, I want to find out given an email domain e.g. abc@xyz.com, hxy@tuv.com is from a specific provider(outlook or gmail) in our case, since xyz or tuv is not explicitly evident which provider it belongs to.

I have succeded somewhat, my idea being to make use of MX records, so I do something like this in nodejs:

const dnsMod = require('dns');

dnsMod.resolveMx(
    'mydomain.com', (err, value)=>{
        console.log('The error is : ', err);
        console.log('The value is : ', value);
    }
)

and it returns records like this:

[
  { exchange: 'alt3.gmail-smtp-in.l.google.com', priority: 30 },
  { exchange: 'alt1.gmail-smtp-in.l.google.com', priority: 10 },
  { exchange: 'gmail-smtp-in.l.google.com', priority: 5 },
  { exchange: 'alt2.gmail-smtp-in.l.google.com', priority: 20 },
  { exchange: 'alt4.gmail-smtp-in.l.google.com', priority: 40 }
]

so, seeing this we can conclude the provider in this case is infact gmail.

But, my point is, is it safe to conclude the provider is gmail just it contains words like google, gmail etc. In other words, do google's mail servers always have a google.com in the end, (or Similarly, microsoft's mail provider have outlook.com or microsoft.com in the end)? If not, what better way would be to confirm this?

EDIT: As per suggested by comment, I need the information because, based on the information I need to show only one of google or outlook button.

BumbleBee
  • 87
  • 2
  • 16
  • "is it safe to conclude the provider is gmail just it contains words like google, gmail" Not if it includes word (anywhere) but if it is an hostname **ending** in `.google.com` ; However all of this will still be heuristics. And people can use "vanity" names so you will see `mx1.example.com` while in reality in the backend it is another well known email provider. You may enhance your question by explaining why you need that information, because then there may be other solutions. – Patrick Mevzek Jun 22 '21 at 15:51
  • @PatrickMevzek , by " Not if it includes word (anywhere) but if it is an hostname ending in .google.com" do you mean we can confirm it's gmail if the mail server's name ends in `.google.com`? – BumbleBee Jun 22 '21 at 16:03
  • @PatrickMevzek , also, do you mean by this: " However all of this will still be heuristics. And people can use "vanity" names so you will see mx1.example.com while in reality in the backend it is another well known email provider. " , that google can use something like : "xyz.com" for one of their mail servers(even though it's probably not gonna happen)? – BumbleBee Jun 22 '21 at 16:05
  • @PatrickMevzek , please see the above two comments, and I've also edited the question to include what you had suggested – BumbleBee Jun 22 '21 at 16:06
  • You can find many heuristics. For O365 for example see https://learn.microsoft.com/en-us/microsoft-365/enterprise/external-domain-name-system-records?view=o365-worldwide aka if there is an SPF (TXT) record with `include:spf.protection.outlook.com` you could infer that at least the sending part is handled by O365 somehow and hence "maybe" the incoming part of emails. Or "autodiscovery" through `SRV` records and specific HTTP endpoints, see https://learn.microsoft.com/en-us/Exchange/architecture/client-access/autodiscover?view=exchserver-2019 – Patrick Mevzek Jun 22 '21 at 16:29
  • what exactly do you mean by heuristics? – BumbleBee Jun 22 '21 at 16:38
  • @PatrickMevzek , atleast please confirm this: " Not if it includes word (anywhere) but if it is an hostname ending in .google.com" do you mean we can confirm it's gmail if the mail server's name ends in .google.com? – BumbleBee Jun 22 '21 at 16:42
  • If the `MX` hostname ends in `.google.com` it just means emails are (theoretically) managed by Google, but you can't know which "service" or even if the mail is configured correctly (anyone can put those MX records for any name, but that is not enough for email service to work). You can then apply further heuristics when looking at things like `gmail-smtp-in` in name. But they are just heuristics. heuristic = involving or serving as an aid to learning, discovery, or problem-solving by experimental and especially trial-and-error methods. So not foolproof. – Patrick Mevzek Jun 22 '21 at 18:03
  • TBH, I don't understand your part " I need the information because, based on the information I need to show only one of google or outlook button." Why do you exclude people using other email services? – Patrick Mevzek Jun 22 '21 at 18:03
  • @PatrickMevzek , "anyone can put those MX records for any name, but that is not enough for email service to work", but, they can only put any canonical name right? The name of the mail server would have to be unique, isn't it? – BumbleBee Jun 23 '21 at 08:50

2 Answers2

2

For getting the information who is the responsible for the mail domain do a whois query by your prefered whois query service, pe. by https://who.is

Alfred.37
  • 181
  • 1
  • 12
  • these probably only do lookupon various records, like the dns record mentioned above. The information is probably not sufficient. Or have I missed anything? Please do point me to data that confirms me the mail service provider. – juztcode Jul 04 '21 at 12:35
  • @juztcode, You should finde the adress, email adress and phone number on this way. If you dont find. Do a whois query by a other service. – Alfred.37 Jul 04 '21 at 15:31
0

Based on the answer of eddy, you can do a whois query by automatic too:

  • these probably only do lookupon various records, like the dns record mentioned above. The information is probably not sufficient. Or have I missed anything? Please do point me to data that confirms me the mail service provider. – juztcode Jul 04 '21 at 12:36
  • juztcode, You should finde the adress, email adress and phone number on this way. If you dont find. Do a whois query by a other service. – Alfred.37 Jul 04 '21 at 15:31