From 5d8e609994676e3000a51a8f0d963314b75dbc23 Mon Sep 17 00:00:00 2001 From: Christian Pointner Date: Tue, 18 Jun 2024 09:16:05 +0200 Subject: bind/zones: add DMARC policies --- files/chaos-at-home/bind-zones/db.chaos-at-home.org | 8 +++++--- files/chaos-at-home/bind-zones/db.chaox.org | 5 +++-- files/chaos-at-home/bind-zones/db.elev8.at | 2 +- files/chaos-at-home/bind-zones/db.gimpf.org | 5 +++-- "files/chaos-at-home/bind-zones/db.g\303\244h.org" | 7 ++++--- files/chaos-at-home/bind-zones/db.java-sucks.com | 7 ++++--- files/chaos-at-home/bind-zones/db.movetogether.at | 2 +- files/chaos-at-home/bind-zones/db.spreadspace | 8 +++++--- inventory/host_vars/ch-pan.yml | 2 +- 9 files changed, 27 insertions(+), 19 deletions(-) diff --git a/files/chaos-at-home/bind-zones/db.chaos-at-home.org b/files/chaos-at-home/bind-zones/db.chaos-at-home.org index 83c5540b..be7172f8 100644 --- a/files/chaos-at-home/bind-zones/db.chaos-at-home.org +++ b/files/chaos-at-home/bind-zones/db.chaos-at-home.org @@ -2,7 +2,7 @@ $origin chaos-at-home.org. $TTL 1h @ SOA ns0 hostmaster ( - 2024061800 + 2024061802 1h 15m 28d @@ -14,11 +14,13 @@ $TTL 1h MX 10 mx0 MX 10 mx1 - 1200 TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" - A 89.106.215.17 AAAA 2a02:3e0:407::17 + TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" +_dmarc TXT "v=DMARC1; p=none; rua=mailto:postmaster@chaos-at-home.org" +*._report._dmarc TXT "v=DMARC1" + gallery CNAME mimas ipics CNAME mimas mimas 600 A 178.63.180.142 diff --git a/files/chaos-at-home/bind-zones/db.chaox.org b/files/chaos-at-home/bind-zones/db.chaox.org index 2fd3f49c..0349ed91 100644 --- a/files/chaos-at-home/bind-zones/db.chaox.org +++ b/files/chaos-at-home/bind-zones/db.chaox.org @@ -2,7 +2,7 @@ $origin chaox.org. $TTL 1W @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 15m 28d @@ -14,7 +14,8 @@ $TTL 1W MX 10 mx0.chaos-at-home.org. MX 10 mx1.chaos-at-home.org. - 1200 TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" + TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" +_dmarc TXT "v=DMARC1; p=none; rua=mailto:postmaster@chaos-at-home.org" webmail CNAME webmail.chaos-at-home.org. diff --git a/files/chaos-at-home/bind-zones/db.elev8.at b/files/chaos-at-home/bind-zones/db.elev8.at index 0694dc84..e5a5c2a4 100644 --- a/files/chaos-at-home/bind-zones/db.elev8.at +++ b/files/chaos-at-home/bind-zones/db.elev8.at @@ -1,7 +1,7 @@ $TTL 1h @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 5m 28d diff --git a/files/chaos-at-home/bind-zones/db.gimpf.org b/files/chaos-at-home/bind-zones/db.gimpf.org index 425b6426..4ec2d29a 100644 --- a/files/chaos-at-home/bind-zones/db.gimpf.org +++ b/files/chaos-at-home/bind-zones/db.gimpf.org @@ -2,7 +2,7 @@ $origin gimpf.org. $TTL 1W @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 15m 28d @@ -16,7 +16,8 @@ $TTL 1W 1200 A 178.63.180.142 - 1200 TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" + TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" +_dmarc TXT "v=DMARC1; p=none; rua=mailto:postmaster@chaos-at-home.org" www 1200 CNAME mimas.chaos-at-home.org. id CNAME www.myopenid.com. diff --git "a/files/chaos-at-home/bind-zones/db.g\303\244h.org" "b/files/chaos-at-home/bind-zones/db.g\303\244h.org" index 503c30cf..fdc734f6 100644 --- "a/files/chaos-at-home/bind-zones/db.g\303\244h.org" +++ "b/files/chaos-at-home/bind-zones/db.g\303\244h.org" @@ -1,7 +1,7 @@ $TTL 1W @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 15m 28d @@ -13,9 +13,10 @@ $TTL 1W MX 10 mx0.chaos-at-home.org. MX 10 mx1.chaos-at-home.org. - 1200 TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" - 1200 A 178.63.180.142 + TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" +_dmarc TXT "v=DMARC1; p=none; rua=mailto:postmaster@chaos-at-home.org" + www CNAME mimas.chaos-at-home.org. wolke CNAME mimas.chaos-at-home.org. diff --git a/files/chaos-at-home/bind-zones/db.java-sucks.com b/files/chaos-at-home/bind-zones/db.java-sucks.com index 305fee16..6427b5a3 100644 --- a/files/chaos-at-home/bind-zones/db.java-sucks.com +++ b/files/chaos-at-home/bind-zones/db.java-sucks.com @@ -2,7 +2,7 @@ $origin java-sucks.com. $TTL 1W @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 15m 28d @@ -14,9 +14,10 @@ $TTL 1W MX 10 mx0.chaos-at-home.org. MX 10 mx1.chaos-at-home.org. - 1200 TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" - 1200 A 178.63.180.142 + TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" +_dmarc TXT "v=DMARC1; p=none; rua=mailto:postmaster@chaos-at-home.org" + www 1200 CNAME mimas.chaos-at-home.org. webmail CNAME webmail.chaos-at-home.org. diff --git a/files/chaos-at-home/bind-zones/db.movetogether.at b/files/chaos-at-home/bind-zones/db.movetogether.at index a8fbc01a..fbd70498 100644 --- a/files/chaos-at-home/bind-zones/db.movetogether.at +++ b/files/chaos-at-home/bind-zones/db.movetogether.at @@ -2,7 +2,7 @@ $origin movetogether.at. $TTL 1W @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 15m 28d diff --git a/files/chaos-at-home/bind-zones/db.spreadspace b/files/chaos-at-home/bind-zones/db.spreadspace index b2e40152..795a7fe5 100644 --- a/files/chaos-at-home/bind-zones/db.spreadspace +++ b/files/chaos-at-home/bind-zones/db.spreadspace @@ -1,7 +1,7 @@ $TTL 1h @ SOA ns0.chaos-at-home.org. hostmaster ( - 2024061800 + 2024061802 1h 5m 28d @@ -13,10 +13,12 @@ $TTL 1h MX 10 mx0.chaos-at-home.org. MX 10 mx1.chaos-at-home.org. - 1200 TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" - 1200 A 89.106.215.17 1200 AAAA 2a02:3e0:407::17 + + TXT "v=spf1 a:mailrelay.chaos-at-home.org -all" +_dmarc TXT "v=DMARC1; p=none; rua=mailto:postmaster@chaos-at-home.org" + build 1200 A 89.106.215.18 ;build 1200 AAAA 2a02:3e0:407::18 diff --git a/inventory/host_vars/ch-pan.yml b/inventory/host_vars/ch-pan.yml index c364dd7f..d8e17277 100644 --- a/inventory/host_vars/ch-pan.yml +++ b/inventory/host_vars/ch-pan.yml @@ -77,7 +77,7 @@ dyndns: rname: hostmaster.schaaas.at refresh: 1200 retry: 900 - expire: 2592000 + expire: 2419200 default_ttl: 60 static_records: - "schaaas.at. 7200 IN NS ns0.chaos-at-home.org." -- cgit v1.2.3