Remove all old SPF ip's after transfer to other server

Operating System & Version
Centos 7.9
cPanel & WHM Version
94.0.4

rhm.geerts

Well-Known Member
Jul 29, 2008
147
15
68
Maastricht
cPanel Access Level
Root Administrator
We moved to a new server using the transfer tool
Now in the new bind files, every SPF record contains 2 ip's. Like this (ip's are masked to local ip's):
Code:
"v=spf1 ip4:192.168.0.1 +a +mx +ip4:10.0.0.1 ~all"
where 192.168.0.1 is the ip of the new server and 10.0.0.1 is the old server ip.

With which command can I remove the complete " +ip4:10.0.0.1" (so with the space before) and update soa records for all domains so they only show:
Code:
"v=spf1 ip4:192.168.0.1 +a +mx ~all"
as should be on the new server?
 

ZenHostingTravis

Well-Known Member
PartnerNOC
May 22, 2020
275
95
28
Australia
cPanel Access Level
Root Administrator
Hi,

The following posts may assist you futher.

Please be sure to read all of them.

 

rhm.geerts

Well-Known Member
Jul 29, 2008
147
15
68
Maastricht
cPanel Access Level
Root Administrator
Thank you, but that is changing SPF record old ip to SPF record new ip.

As you could read from my post, both the new and old ip's are present, so I don't need to change that. I only need to remove the old ip.

It might be something like:
sed -i 's/+ip4:10.0.0.1//g' *.db

but I don't know if a double dash in this way is the correct way to remove that 10.0.0.1 ip from every SPF record.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
7,493
1,008
313
cPanel Access Level
Root Administrator
We add both IP addresses to allow for the Live Transfer tool to work properly in the event that messages still get sent from the Source machine for a brief period, as the mail service gets proxied to the Destination server:


It won't hurt anything to leave those IP addresses there, as that record is just telling the mail recipient what IP addresses should be permitted to send for the domain.

This command worked well for me, but I try and avoid using asterisks with no qualifies, so I changed that to "./*" to only run in the current directory:

Code:
sed -i 's/ip4:1.2.3.4//g' ./*.db
All commands provided with no warranty expressed or implied ;) It would be best to run that on a test directory with 2 or 3 DNS zones that you've created to make sure you get the intended result.
 
  • Like
Reactions: rhm.geerts

rhm.geerts

Well-Known Member
Jul 29, 2008
147
15
68
Maastricht
cPanel Access Level
Root Administrator
It won't hurt anything to leave those IP addresses there, as that record is just telling the mail recipient what IP addresses should be permitted to send for the domain.
That would break the sense of SPF after the old server is down and the ip is given to somebody else, which would be allowed to send mail from our system then, according to SPF.
So I rather remove them, looks better too. :)

Ofcourse I understand that such commands are at own risk, but I will create a backup of the directory anyway and indeed test first with a couple of DNS zones.

I just did and it looks almost correct, but not quite. It leaves a double space and the + from in front of the +ipv4. So for future reference, this would be the correct command to remove the second ip and the space behind it.
Code:
sed -i 's/+ip4:1.2.3.4 //g' ./*.db
Thank you very much!!
You can put this one to solved too.
I just have to "up" the soa record but if I'm correct there was some thread on how to do this somewhere.
 
  • Like
Reactions: cPRex

rhm.geerts

Well-Known Member
Jul 29, 2008
147
15
68
Maastricht
cPanel Access Level
Root Administrator
I found a string:
Code:
find /var/named/*.db -mtime -1 -exec perl -pi -e 'if (/^\s+(\d{10})\s+;\s+serial/i) { my $i = $1+1; s/$1/$i/;}' '{}' \;
however, this did not change the soa record.

So maybe you have a good hint for me to update all soa records?
 

rhm.geerts

Well-Known Member
Jul 29, 2008
147
15
68
Maastricht
cPanel Access Level
Root Administrator
Most of them are, also got some with 2021041102.

Ah... just seen the old 14400 TTL value still was in use. Nowadays the default is 3600 so I updated all TTL records via WHM which also updates all SOA records automatically too.
Solved... can be closed.
Thanks.
 
  • Like
Reactions: cPRex