Default SPF record using LAN_IP

[SteveN2020]

I have a DA server behind a NAT firewall, and all seems to be working fine, but I have noticed that when I create a new domains, the SPF record uses the SERVER_IP, which seems to translate to the LAN_IP.

"v=spf1 a mx ip4:10.0.0.76 ip4:x.x.x.x/32 ~all"

The EXTRA_SPF is populating fine, but the first ipv4 (in this case 10.0.0.76) should be the server's external IP address.

I have created a copy of the dns_spf.conf to /usr/local/directadmin/data/templates/custom with the following:

|DOMAIN|.="v=spf1 a mx ip4:|IP||EXTRA_SPF| ~all"

which I thought was working, but not anymore. Do I need to set the SERVER_IP somewhere?

Thanks.

 

[opencart]

+1 custom dns_spf.conf not work

 

[opencart]

need update dns_txt.conf, too.
both dns_txt & dns_spf conf have same spf record.

 

[Richard G]

need update dns_txt.conf, too.

No you only need to update dns_txt.conf nowadays. Earlier the SPF dns record was introduced especially for SPF records.

However, this record didn't make it so didn't last and RFC decided that SPF would be present in a TXT record and not a seperate SPF record.
So the TXT record was used again, but DA just did not remove the dns_spf.conf template yet.

 

[Richard G]

Do I need to set the SERVER_IP somewhere?

The MX will be translated to the ip used by the mailserver, so if that uses the internal ip, you have to remove the MX record too, but test first like this:

|DOMAIN|.="v=spf1 a mx ip4:12.34.56.789|EXTRA_SPF||SPF_IPV6| ~all"

Replace the 12.34.56.789 with your external ip. But this has to be changed in /usr/local/directadmin/data/templates/custom/dns_txt.conf file.