The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DNS Zone Templates for SPF records

Discussion in 'Bind / DNS / Nameserver Issues' started by mrgold, Oct 7, 2006.

  1. mrgold

    mrgold Registered

    Joined:
    Mar 4, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Adelaide, Australia
    Hi All

    A couple of questions -

    I am implementing SPF records as TXT entries in the DNS of all my existing sites in order to mitigate against spoof emails using my domain names. I want to change the zone template for new accounts also. Which template do I need to change - is it just the 'standard' template.
    What are the other templates for.

    Second question - when will Cpanel support SPF type DNS records.

    Thanks

    Martin
     
    #1 mrgold, Oct 7, 2006
    Last edited: Oct 7, 2006
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    On ours, we actually added the SPF record to all 3 of the templates even though
    some domains might not actually be used for email. Doesn't hurt though.
     
  3. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    Hello,

    how exactly did you do this? Can you post a sample?

    Thx's
    Mickalo
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Sure, no problem ....

    Code:
    %domain%. IN TXT "v=spf1 ip4:x.x.x.x  a mx a:(hostname) mx:(hostname) mx:(mail server) mx:%domain% include:(mail server) ~all"
    Add the above line to your DNS templates but with the following changes:

    x.x.x.x = your server's ip address bound to Exim
    (you could use %ip% if you use mostly shared IP accounts)

    (hostname) = your server's hostname

    (mail server) = your server's mail server (or primary domain name)

    If you have multiple IP addresses bound to Exim, you can add additional
    "ip4:x.x.x.x" sections in line to the SPF line

    Hope that helps ....

    Pretty simple and works!



    NOTE: Adding SPF to the templates will only effect new accounts and will not change existing domains but you can
    update those by modifying the respective /var/named/(domain).db files or rebuilding the DNS for the domains
     
    #4 Spiral, Oct 8, 2006
    Last edited: Oct 8, 2006
  5. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    This one here:
    Code:
    x.x.x.x = your server's ip address bound to Exim
    (you could use %ip% if you use mostly shared IP accounts)
    
    what does this mean ... which IP are you referring too here?

    I assume we could edit all the exisiting DNS zone files and add this to them them via the WHM >> Edit DNS zones ... correct?

    Mickalo
     
  6. tweakservers

    tweakservers Well-Known Member

    Joined:
    Mar 30, 2006
    Messages:
    379
    Likes Received:
    0
    Trophy Points:
    16
    Usually that's your primay share IP address. You may get that from the dnsreport.com in the MX zone.
     
  7. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    Ok, thanks. that's what I though it was ;)

    Appreciate the info.

    Mickalo
     
  8. mrgold

    mrgold Registered

    Joined:
    Mar 4, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Adelaide, Australia
    Thanks. I'm using a much simpler entry, in the 'standard' template -

    %domain%. IN TXT "v=spf1 a mx -all"

    Note that the "~" you've used gives a soft response, whereas I am using a "-" which gives a fail response..

    This entry produces good test results.

    SPF org suggests adding a

    %domain%. IN SPF "v=spf1 a mx -all", but this isn't supported yet on my server.

    I also have the following templates -

    simple
    simple.rej
    simple.orig
    standard.rej
    standard.orig
    and some ftp templates.

    When are each of these templates used ? I'm assuming that the 'standard' template is the one used when I create a new site ?

    Martin
     
  9. freedog96150

    freedog96150 Well-Known Member

    Joined:
    Mar 25, 2005
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Nevada, USA
    Anyone answer as to when the additional template files are used???
     
  10. mrgold

    mrgold Registered

    Joined:
    Mar 4, 2005
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Adelaide, Australia
    SPF Records

    No, not yet.

    Nor when SPF type records will be supported, bu this may not be a Cpanel issue ???

    Martin
     
Loading...

Share This Page