Finding Public IP Ranges using DIG

This is one way to find public IP Ranges for email using DIG. This is used if you want to get the latest IP Ranges for whitelisting. The vendor might have this available on their site but if they don’t, this is one way to get them. You’ll notice you’re looking for the SPF configuration. Since SPF uses IP Addresses to help prevent SPAM, it’s one way to get the IP Blocks or just IP’s that are used for sending email.

1. DIG gmail.com txt = find SPF
2. DIG _spf.google.com txt = look at SPF
3. DIG _netblocks.google.com txt = look at IP Block
4. DIG _netblocks2.google.com txt = look at IP Block
5. DIG _netblocks3.google.com txt = look at IP Block

DIG gmail.com txt

; <<>> DiG 9.16.8 <<>> gmail.com txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24728
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;gmail.com.                     IN      TXT

;; ANSWER SECTION:
gmail.com.              171     IN      TXT     "v=spf1 redirect=_spf.google.com"
gmail.com.              3471    IN      TXT     "globalsign-smime-dv=CDYX+XFHUw2wml6/Gb8+59BsH31KzUr6c1l2BPvqKX8="

;; Query time: 23 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Nov 18 10:42:16 Eastern Standard Time 2020
;; MSG SIZE  rcvd: 159

DIG _spf.google.com txt:

; <<>> DiG 9.16.8 <<>> _spf.google.com txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57504
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;_spf.google.com.               IN      TXT

;; ANSWER SECTION:
_spf.google.com.        209     IN      TXT     "v=spf1 include:_netblocks.google.com include:_netblocks2.google.com include:_netblocks3.google.com ~all"

;; Query time: 22 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Nov 18 10:43:11 Eastern Standard Time 2020
;; MSG SIZE  rcvd: 160

DIG _netblocks.google.com txt:

; <<>> DiG 9.16.8 <<>> _netblocks.google.com txt
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61135
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;_netblocks.google.com.         IN      TXT

;; ANSWER SECTION:
_netblocks.google.com.  1       IN      TXT     "v=spf1 ip4:35.190.247.0/24 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all"

;; Query time: 18 msec
;; SERVER: 4.2.2.2#53(4.2.2.2)
;; WHEN: Wed Nov 18 10:44:02 Eastern Standard Time 2020
;; MSG SIZE  rcvd: 286