Bulk add SPF (not replace)?

[MACscr]

Adding a smarthost for exim and obviously need to add that spf record as well. A bit tricky when just trying to add it to current spf records and not just replace some existing entry. Guess I should probably add it to the zone template too, right?

 

[syslint]

Yes, You need to add it to the zone template.

 

[MACscr]

Sorry, i should have put the question in the content and not just the subject too. I need to know though how to bulk ADD to all the existing spf records.

 

[cPanelMichael]

Hello

The following thread should help you get started:

Bulk DNS Zone Update

Thank you.

 

[MACscr]

Those instructions are for replacing a value, which is easy. Doesn't help.

 

[cPanelMichael]

There's an additional link in the thread I referenced that shows how to add new entries to a zone in mass:

Bulk DNS insert

You could remove all existing SPF records first, and then add the new entries with the modifications of your choosing.

Thank you.

 

[MACscr]

We are specifically talking about adding new values to EXISTING SPF records. All the SPF records could easily be different right now. This is where the complication resides. We are not talking about simply adding whole new A records or a whole new SPF record to a zone. We are talking about ADDING to EXISTING SPF zones that are not the same. Hopefully this makes more sense now. =)

 

[MACscr]

Looks like this might work according to a helpful user on IRC:

Kundun

you can also use /usr/local/cpanel/bin/spf_installer to do this. "spf_installer $username 'include:spf.blah.com' 0 0 1" will add "+include:spf.blah.com" without removing the existing record

the ' 0 0 1' is important (cause that 1 at the end is what tells it to preserve)

 

[cPanelMichael]

Here's the usage output that explains this further:

Usage: /usr/local/cpanel/bin/spf_installer <user> [policy [is-complete [overwrite [preserve]]]]

Installs an SPF policy in TXT records for the given user's domains.

Note: The following will be prepended to the policy: +a +mx +ip4:<main-IP>.

Options:
    <user>      User whose domains will receive the SPF record.

    <policy>
                Comma delimited list of SPF mechanisms to include in the
                policy, e.g:
                '+ip4:192.0.2.0/24,-ip4:203.0.113.5,+ip6:2001:db8:1a34::/64'.
                Default: ""

    <is-complete>
                Indicates whether the policy represents a complete record,
                that is, whether it should terminate with "-all".  Use "1"
                to indicate that it is; otherwise, use "0".  Default: "0"

    <overwrite>
                Indicates whether all SPF records should be overwritten for
                the user.  If not, only select records will be replaced; see
                Overwrite.  Use "1" to indicate that it should; otherwise,
                use "0".  Default: "0"

    <preserve>
                Indicates that existing mechanisms should be retained from the
                current SPF record for the domain.  Use "1" to indicate that
                they should be kept; otherwise, use "0".  Default: "0"

Overwrite

When this script is run, the zone file for the domain is inspected and the
first SPF record that is found (generally, the main domain) is recorded.  Any
other subdomains that have an identical SPF record to this one are replaced.
If <overwrite> is "1", then all SPF records, regardless of whether their
content matches the first record, are replaced.

Thank you.