Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SPF not replaced on transfer

Discussion in 'General Discussion' started by rhm.geerts, Apr 12, 2018.

  1. rhm.geerts

    rhm.geerts Well-Known Member

    Joined:
    Jul 29, 2008
    Messages:
    93
    Likes Received:
    6
    Trophy Points:
    58
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
    We just tested the transfer tool to migrate a server to another.
    So we just triend 1 domain first and we encountered some issues there.

    The SPF line in DNS is not replaced by the default SPF line of the new server.
    The new server has placement of SPF records for new acounts on by default.

    Next to that, we see several comments in the /var/named/domain.nl.db file which can't be removed via the Edit DNS.
    It's not good if we have to remove these lines from every domain which is transferred.

    These are the lines added for example:

    Code:
    ; customerdomain.nl.   86400   IN   SOA   ns1.company.nl.   root.company.nl.   ( ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    ;                        2017041002 ;Serial Number ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    ;                        14400 ;refresh ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    ;                        3600 ;retry ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    ;                        1209600 ;expire ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    ;                        86400   ) ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    Then there is the normal (correct nameserver) and right below that:
    Code:
    ; customerdomain.nl.   86400   IN   NS   ns1.company.nl. ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    
    ; customerdomain.nl.   86400   IN   NS   ns2.company.nl. ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    Same for FTP, first the correct entry and below it:
    Code:
    ; ftp    14400    IN    A    62.xxx.xxx.xxx ; Previous value removed by cPanel transfer auto-merge on 20180412182936 GMT
    And the SPF entry is present, but with the old value of 62.xxx.xx.xx instead of 148.xxx.xxx.xxx which it should contain because that is the new server.

    Can both of these things be fixed some how without editting every entry manually via ssh?

    P.s. The source version of Cpanel is v58 and cannot be updated anymore. Destination server has the newest stable cpanel version.
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,867
    Likes Received:
    280
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello,


    I believe this issue is fixed in CPANEL-18439 in terms of the SPF records not being updated on restore. The fix for this is in v72 of cPanel.

    As for the comments, that data is there to preserve any changes that may have been made when transferring the DNS zone files to the new server. I'm not aware of a method to remove these without checking the DNS record at /var/named/domain.tld.db but I should point out that because of the ; they are not in use and therefore have no affect on the DNS zone file itself.


    Thank you,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    rhm.geerts likes this.
  3. rhm.geerts

    rhm.geerts Well-Known Member

    Joined:
    Jul 29, 2008
    Messages:
    93
    Likes Received:
    6
    Trophy Points:
    58
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
    Ehmz... Nice, but when will this be available? Because I only see the newest version being V70.0.26 in Current and Edge.
    And we are running the Stable version v68.0.36.
    Is there a way we can adjust something to fix this SPF issue manually or on a shorter term?

    As for the DNS comments, pity these comments can not be disabled or mass removed.
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,867
    Likes Received:
    280
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    v70 is set to go to RELEASE within the next couple of weeks and v72 will follow.

    While the comments being added to your DNS zone files on transfer is done purposefully, I would encourage you to open a feature request using the link in my signature if you'd like to see an easy/official way to remove these once the transfer is complete and you can confirm that the sites are functioning as you wish.

    Thank you,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. rhm.geerts

    rhm.geerts Well-Known Member

    Joined:
    Jul 29, 2008
    Messages:
    93
    Likes Received:
    6
    Trophy Points:
    58
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
    Oke thank you, but we probably can't wait that long to transfer all accounts to the new server.
    Do you have an easy way to replace all old ip's in the SPF with the new ip? Maybe you can give me a perl -pi -e command to replace the spf ip's?

    I will send in a ticket after transfer for the DNS zone files, as that is less important then wrong ip's in SPF.
    Please let me know if you want me to send in a ticket for that too, it's no problem.
     
  6. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,867
    Likes Received:
    280
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi,

    You could use:

    /usr/local/cpanel/bin/spf_updater $USER

    to update the IP though this wouldn't replace the old IP it would add the new IP to the SPF.

    You'd need to create a loop to go through all users that were transferred.

    To completely replace the SPF on the account you could first run:

    /usr/local/cpanel/bin/spf_uninstaller $USER

    Then run

    /usr/local/cpanel/bin/spf_installer $USER

    to add a new SPF for all the domains, subdomains and addon domains that are present within the account.

    This would again be for all users and a simple loop would need to be created to do so.

    The following may be useful for examples of the loop:

    how to /scripts/pkgacct with multiple accounts.

    Loop through all accounts and run api calls?


    There is also the whmapi1 which could be used to modify the zone record

    WHM API 1 Functions - editzonerecord - Developer Documentation - cPanel Documentation

    But I wouldn't recommend using it for this purpose as you'd need to know the line number the SPF was located on which wouldn't allow for automation.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    rhm.geerts likes this.
  7. rhm.geerts

    rhm.geerts Well-Known Member

    Joined:
    Jul 29, 2008
    Messages:
    93
    Likes Received:
    6
    Trophy Points:
    58
    Location:
    Maastricht
    cPanel Access Level:
    Root Administrator
    Oke.
    I've got little knowledge of scripting. So I will see how much time it costs to do it manually and otherwise maybe submit a ticket for it to prevent failures being made.

    Thank you very much!
     
  8. cPanelLauren

    cPanelLauren Forums Analyst II
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    3,867
    Likes Received:
    280
    Trophy Points:
    193
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    You're welcome and I'm glad we were able to potentially find something that works for you in the meantime.


    Thank you,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice