Automatic massive add of SPF records on all existing domain zones

[COBRAws]

HEllo,

I need to automatically add SPF records to all my dns zones I already have set up. I have a ton of domains without proper SPF records added, some of them do have them, but the mayority dont. I have updated the DNS ZONE Templates for future inclusion when an account/domain is addem from now on, so its just for the old accounts/domains.

Is there an automated way I can do this? Its a reall pain in the *** to manually add them.
Thank you,
Jack

[brianoz]

You'd have to write a Perl script I think. There is a system script around that allows you to rebuild the zone files but it's name currently escapes me. You could probably tweak that.

However since it's mostly just a matter of adding lines onto the ends of your zone files, and you could probably avoid needing to tweak the serial numbers [EDIT] by doing a "service named restart" after doing the mass edit (ie restarting named causes all the zones to be reloaded with the new changes, otherwise you'd have to change the serial number to get the new zone loaded).

[freedog96150]

Quote:

Originally Posted by COBRAws

HEllo,

I need to automatically add SPF records to all my dns zones I already have set up. I have a ton of domains without proper SPF records added, some of them do have them, but the mayority dont. I have updated the DNS ZONE Templates for future inclusion when an account/domain is addem from now on, so its just for the old accounts/domains.

Is there an automated way I can do this? Its a reall pain in the *** to manually add them.
Thank you,
Jack

I am curious. What did you add to your zone templates to add SPF records to all new accounts. I have had spotty luck with my changes working on all new account creations.

[COBRAws]

Quote:

Originally Posted by freedog96150

I am curious. What did you add to your zone templates to add SPF records to all new accounts. I have had spotty luck with my changes working on all new account creations.

Easy, I just added the following at the end of my DNS ZONE Templates:

Quote:

%domain%. IN TXT "v=spf1 ip4:xx.xx.xx.xx ip4:xx.xx.xx.xx ip4:xx.xx.xx.xx a mx ptr ~all"

The ip3: values deppends on how many IPs does your domain work on. I have several domains sending emails from different IP numbers, so I just add those IPs I know.

brianoz thanks for boost! Ill search for that perl script.

--EDiT--
I've found a perl script for adding new lines to the dns zone db's
here is the link: Editing DNS Zone Files Using Perl

[lloyd_tennison]

Just remember, servers using strict SPF will reject any email that you forward. See the spf website.

[sparek-3]

lloyd_tennison is right, atleast in the way that I understand SPF.

In order for SPF to work correctly, individual users are going to have to specify what IPs are meant to send e-mail from that domain. This may be the individual's ISP outgoing mail server or it could be any outgoing mail server. The IP of the SMTP server that you use to send out mail from your ISP may not be the same IP as the IP that the SMTP server actually sends the message out to the Internet. All of these are factors in concerns with SPF.

For SPF to really work with cPanel, I think an SPF wizard needs to be added to each individual's control panel. Then individual account owners can specify what IPs are suppose to be able to send out mail for that domain. Then if an account has users that use Bellsouth and Comcast Internet services, they can specify their ISP specific mail server sending IPs through the control panel and have it added to the SPF record for their domain. I would think that some checks would have to be included to insure that the SPF data is accurate or correct.

[Solokron]

Don't even dedicated IP accounts default and send via the server's main IP anyhow?

Quote:

Originally Posted by COBRAws

Easy, I just added the following at the end of my DNS ZONE Templates:



The ip3: values deppends on how many IPs does your domain work on. I have several domains sending emails from different IP numbers, so I just add those IPs I know.

brianoz thanks for boost! Ill search for that perl script.

--EDiT--
I've found a perl script for adding new lines to the dns zone db's
here is the link: Editing DNS Zone Files Using Perl