DNS Zone Templates for SPF records
Hi All
A couple of questions -
I am implementing SPF records as TXT entries in the DNS of all my existing sites in order to mitigate against spoof emails using my domain names. I want to change the zone template for new accounts also. Which template do I need to change - is it just the 'standard' template.
What are the other templates for.
Second question - when will Cpanel support SPF type DNS records.
Thanks
Martin
Last edited by mrgold; 10-07-2006 at 10:54 PM. Reason: typos
On ours, we actually added the SPF record to all 3 of the templates even though
some domains might not actually be used for email. Doesn't hurt though.
Hello,Originally Posted by Spiral
how exactly did you do this? Can you post a sample?
Thx's
Mickalo
Thunder Rain Internet Publishing
Providing Internet Solutions that work!
Custom Perl and Database Programming
Sure, no problem ....
Add the above line to your DNS templates but with the following changes:Code:%domain%. IN TXT "v=spf1 ip4:x.x.x.x a mx a:(hostname) mx:(hostname) mx:(mail server) mx:%domain% include:(mail server) ~all"
x.x.x.x = your server's ip address bound to Exim
(you could use %ip% if you use mostly shared IP accounts)
(hostname) = your server's hostname
(mail server) = your server's mail server (or primary domain name)
If you have multiple IP addresses bound to Exim, you can add additional
"ip4:x.x.x.x" sections in line to the SPF line
Hope that helps ....
Pretty simple and works!
NOTE: Adding SPF to the templates will only effect new accounts and will not change existing domains but you can
update those by modifying the respective /var/named/(domain).db files or rebuilding the DNS for the domains
Last edited by Spiral; 10-08-2006 at 09:43 AM.
This one here:
what does this mean ... which IP are you referring too here?Code:x.x.x.x = your server's ip address bound to Exim (you could use %ip% if you use mostly shared IP accounts)
I assume we could edit all the exisiting DNS zone files and add this to them them via the WHM >> Edit DNS zones ... correct?
Mickalo
Thunder Rain Internet Publishing
Providing Internet Solutions that work!
Custom Perl and Database Programming
Usually that's your primay share IP address. You may get that from the dnsreport.com in the MX zone.
Tweakservers | Professional Server Setup & Security Hardening
Authorised SmarterTools Reseller, SSL Certificate & TRUSTe Privacy Policy
Ok, thanks. that's what I though it was
Appreciate the info.
Mickalo
Thunder Rain Internet Publishing
Providing Internet Solutions that work!
Custom Perl and Database Programming
Thanks. I'm using a much simpler entry, in the 'standard' template -
%domain%. IN TXT "v=spf1 a mx -all"
Note that the "~" you've used gives a soft response, whereas I am using a "-" which gives a fail response..
This entry produces good test results.
SPF org suggests adding a
%domain%. IN SPF "v=spf1 a mx -all", but this isn't supported yet on my server.
I also have the following templates -
simple
simple.rej
simple.orig
standard.rej
standard.orig
and some ftp templates.
When are each of these templates used ? I'm assuming that the 'standard' template is the one used when I create a new site ?
Martin
Anyone answer as to when the additional template files are used???
**********************
Brian Frias
"Without fear, there is no
courage"
**********************
SPF Records
No, not yet.
Nor when SPF type records will be supported, bu this may not be a Cpanel issue ???
Martin
LinkBack URL
About LinkBacks
Reply With Quote