DNS Zone Templates for SPF records

M

mrgold

Registered
Mar 4, 2005
3
0
151
Adelaide, Australia
Hi All

A couple of questions -

I am implementing SPF records as TXT entries in the DNS of all my existing sites in order to mitigate against spoof emails using my domain names. I want to change the zone template for new accounts also. Which template do I need to change - is it just the 'standard' template.
What are the other templates for.

Second question - when will Cpanel support SPF type DNS records.

Thanks

Martin
 
Last edited:
Spiral

Spiral

BANNED
Jun 24, 2005
2,018
8
193
On ours, we actually added the SPF record to all 3 of the templates even though
some domains might not actually be used for email. Doesn't hurt though.
 
Spiral

Spiral

BANNED
Jun 24, 2005
2,018
8
193
mickalo said:
how exactly did you do this? Can you post a sample?
Click to expand...
Sure, no problem ....

Code: 
%domain%. IN TXT "v=spf1 ip4:x.x.x.x  a mx a:(hostname) mx:(hostname) mx:(mail server) mx:%domain% include:(mail server) ~all"
Add the above line to your DNS templates but with the following changes:

x.x.x.x = your server's ip address bound to Exim
(you could use %ip% if you use mostly shared IP accounts)

(hostname) = your server's hostname

(mail server) = your server's mail server (or primary domain name)

If you have multiple IP addresses bound to Exim, you can add additional
"ip4:x.x.x.x" sections in line to the SPF line

Hope that helps ....

Pretty simple and works!



NOTE: Adding SPF to the templates will only effect new accounts and will not change existing domains but you can
update those by modifying the respective /var/named/(domain).db files or rebuilding the DNS for the domains
 
Last edited:
mickalo

mickalo

Well-Known Member
Apr 16, 2002
782
5
318
N.W. Iowa
Spiral said:
Sure, no problem ....

Code: 
%domain%. IN TXT "v=spf1 ip4:x.x.x.x  a mx a:(hostname) mx:(hostname) mx:(mail server) mx:%domain% include:(mail server) ~all"
Add the above line to your DNS templates but with the following changes:

x.x.x.x = your server's ip address bound to Exim
(you could use %ip% if you use mostly shared IP accounts)

(hostname) = your server's hostname

(mail server) = your server's mail server (or primary domain name)

If you have multiple IP addresses bound to Exim, you can add additional
"ip4:x.x.x.x" sections in line to the SPF line

Hope that helps ....

Pretty simple and works!



NOTE: Adding SPF to the templates will only effect new accounts and will not change existing domains but you can
update those by modifying the respective /var/named/(domain).db files or rebuilding the DNS for the domains
Click to expand...
This one here:
Code: 
x.x.x.x = your server's ip address bound to Exim
(you could use %ip% if you use mostly shared IP accounts)
what does this mean ... which IP are you referring too here?

I assume we could edit all the exisiting DNS zone files and add this to them them via the WHM >> Edit DNS zones ... correct?

Mickalo
 
T

tweakservers

Well-Known Member
Mar 30, 2006
379
0
166
mickalo said:
This one here:
Code: 
x.x.x.x = your server's ip address bound to Exim
(you could use %ip% if you use mostly shared IP accounts)
what does this mean ... which IP are you referring too here?

I assume we could edit all the exisiting DNS zone files and add this to them them via the WHM >> Edit DNS zones ... correct?

Mickalo
Click to expand...
Usually that's your primay share IP address. You may get that from the dnsreport.com in the MX zone.
 
M

mrgold

Registered
Mar 4, 2005
3
0
151
Adelaide, Australia
Spiral said:
Sure, no problem ....

Code: 
%domain%. IN TXT "v=spf1 ip4:x.x.x.x  a mx a:(hostname) mx:(hostname) mx:(mail server) mx:%domain% include:(mail server) ~all"
Add the above line to your DNS templates but with the following changes:

x.x.x.x = your server's ip address bound to Exim
(you could use %ip% if you use mostly shared IP accounts)

(hostname) = your server's hostname

(mail server) = your server's mail server (or primary domain name)

If you have multiple IP addresses bound to Exim, you can add additional
"ip4:x.x.x.x" sections in line to the SPF line

Hope that helps ....

Pretty simple and works!



NOTE: Adding SPF to the templates will only effect new accounts and will not change existing domains but you can
update those by modifying the respective /var/named/(domain).db files or rebuilding the DNS for the domains
Click to expand...
Thanks. I'm using a much simpler entry, in the 'standard' template -

%domain%. IN TXT "v=spf1 a mx -all"

Note that the "~" you've used gives a soft response, whereas I am using a "-" which gives a fail response..

This entry produces good test results.

SPF org suggests adding a

%domain%. IN SPF "v=spf1 a mx -all", but this isn't supported yet on my server.

I also have the following templates -

simple
simple.rej
simple.orig
standard.rej
standard.orig
and some ftp templates.

When are each of these templates used ? I'm assuming that the 'standard' template is the one used when I create a new site ?

Martin
 
freedog96150

freedog96150

Well-Known Member
Mar 25, 2005
68
0
156
Nevada, USA
Anyone answer as to when the additional template files are used???
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
JIKOmetrix DNS Zone templates and cpanel injecting wrong include in SPF Records Domain Management 8
mlopez Change multiple DNS zones using templates/wildcards Domain Management 2
mlopez SOLVED DNS Zone templates edition ('bad dotted quad' error) Domain Management 2
9 Default DNS Zone Templates Needed Domain Management 2
2 How to / Where to create cPanel DNSOnly Zone templates Domain Management 7
Similar threads
DNS Zone templates and cpanel injecting wrong include in SPF Records
Change multiple DNS zones using templates/wildcards
SOLVED DNS Zone templates edition ('bad dotted quad' error)
Default DNS Zone Templates Needed
How to / Where to create cPanel DNSOnly Zone templates
Top Bottom