Solved: Multiple SPF via custom dns_txt.conf does not work

castris

I don't know if it's a mistake or an oversight on my part, but I can't figure it out.

I followed the steps in the manual and it didn't work.

## dns_txt.conf

Bash:
cat /usr/local/directadmin/data/templates/custom/dns_txt.conf
|DOMAIN|.="v=spf1 a mx ip4:|SERVER_IP||EXTRA_SPF||SPF_IPV6| ~all"


## directadmin.conf

Bash:
cat /usr/local/directadmin/conf/directadmin.conf | grep spf
dns_add_spf_ipv6=1
dns_spf=1
extra_spf_value= ip4:ONE_IP ipv:TWO_IP ipv:THIRD_IP

After this:
Bash:
echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue

It changes all zones, but nothing changes except the SERIAL.

Also, if I use

Bash:
echo "action=rewrite&value=named&domain=domain.tld" >> /usr/local/directadmin/data/task.queue
it changes ALL domains, instead of only domain.tld.

What is wrong?
 
I followed the steps in the manual and it didn't work.
What are you trying to achieve? Because I don't see any difference in the default dns_txt.conf and the custom version.

If you want IPv6 in your SPF record, there is no need to make changes in directadmin.conf; it's supported by default if all is well.
Also, if you make a custom dns_txt.conf, that will -not- change existing domains, and neither will any of the commands issued.

You first have to change the existing named databases and then issue the rewrite command.

You can use a "perl -pi" command for that, or use this script (everything at your own risk).
 
Hi.

I realized the misunderstanding.

But still, I created my own script.

This deleted the SPF line from all domains.

After that I checked that the new lines were created correctly with
Code:
cat /etc/bind/*.db | grep spf

Code:
domain.tld. 1800 IN TXT "v=spf1 a mx ip4:XX.XX.XXX ip4:YY.YY.YY.YY ip6:2001:41d0:333:333::333c ip4:WW.WW.WW.WW -all"
But after running
Code:
echo "action=rewrite&value=named" >> /usr/local/directadmin/data/task.queue
/usr/local/directadmin/dataskq d800

this deletes all the lines in all the zone files.

I see that the problem is that the DKIM record does not seem to pass some verification system for the zones.

Code:
"bswlAkX9T5EumKPevB7I49PFh7nVrtSNBdAOyx3Smc7rFqANJsW5eAfSrdad94eowXpjeEK7kgbMWriefXErLaRGoQ+iq6DBx6L0I68LQIDAQAB" )
File /etc/bind/onco-hours2024.doctaforum-webcast.com.db.temp.812522.IKBiVtWbBo appears ok to named-checkzone
Named::get_wrapped_long_line: record does not start with a double-quote: ( "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBnp5NcrGJMDPPNa1VO65hl+8SFKM4PIeb/O4fjbzH8e2pLQ9MU9ZeJXFBRB7YS+cS85z9DsvgBdTkDgGnxXHnY"

The DKIM is built with DirectAdmin.
 
Ok.

After some checks I see:
- Local changes are on the server.
- Local changes do not propagate to the cluster DNS (secondary DNS).

I have checked Multiserver Setup (test connection)
Code:
2024:08:26-15:43:22: '0.0.0.0' successful login to 'admin'
2024:08:26-15:43:22: '0.0.0.0' successful Basic Auth/API login to 'admin'

==> /var/log/directadmin/2024-Aug-26.log <==
26/08/2024:15:43:22    0.0.0.0 GET /CMD_API_LOGIN_TEST HTTP/1.1    admin

==> /var/log/directadmin/access.log <==
2024-08-26T15:43:22Z 0.049 0.0.0.0 GET /CMD_API_LOGIN_TEST - admin basic-native 
-

But no change in any zone replicates.
 
Corrected the problem.

A terrible mistake.
The DA server resolved to the secondary IP instead of the main IP.
That caused an error on the secondary DA server for DNS.

All ok now.
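
Added example (not part of the thread and not DirectAdmin code): a small linter for the kind of check done earlier with grep on the zone files. It flags names that carry more than one v=spf1 TXT record (a permerror under RFC 7208) and terms whose name is not a mechanism defined by RFC 7208. The zone lines, names and addresses are constructed, and only single-line TXT records are handled.

```python
import re
from collections import defaultdict

# Constructed sample zone lines (documentation names and addresses, not from the thread).
SAMPLE_ZONE = """\
example.test. 1800 IN TXT "v=spf1 a mx ip4:192.0.2.10 ip6:2001:db8::1 -all"
example.test. 1800 IN TXT "v=spf1 a mx ip4:192.0.2.10 ~all"
mail.example.test. 1800 IN TXT "v=spf1 a mx ipv:192.0.2.11 ~all"
x._domainkey.example.test. 1800 IN TXT ( "v=DKIM1; k=rsa; p=AAAA" "BBBB" )
"""

# Mechanism names defined by RFC 7208; terms written name=value are modifiers.
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}
TXT_RE = re.compile(r'^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?TXT\s+(.*)$', re.I)


def spf_records(zone_text):
    """Yield (owner, value) for every single-line TXT record whose value is an SPF record."""
    for line in zone_text.splitlines():
        m = TXT_RE.match(line.strip())
        if not m:
            continue
        # A TXT record may be split into several quoted strings; join them.
        value = "".join(re.findall(r'"([^"]*)"', m.group(2)))
        if value.lower().split()[:1] == ["v=spf1"]:
            yield m.group(1).lower(), value


def lint_spf(zone_text):
    """Return sorted (owner, problem) findings for the SPF records in zone_text."""
    findings, count = [], defaultdict(int)
    for owner, value in spf_records(zone_text):
        count[owner] += 1
        for term in value.split()[1:]:
            m = re.match(r'[+\-~?]?([A-Za-z][\w.-]*)(.?)', term)
            if m is None:
                findings.append((owner, f"malformed term {term!r}"))
            elif m.group(2) != "=" and m.group(1).lower() not in MECHANISMS:
                findings.append((owner, f"unknown mechanism {term!r}"))
    for owner, n in count.items():
        if n > 1:  # more than one SPF record at a name is a permerror
            findings.append((owner, f"{n} SPF records at one name"))
    return sorted(findings)


if __name__ == "__main__":
    for owner, problem in lint_spf(SAMPLE_ZONE):
        print(f"{owner}: {problem}")
```

To run it against real zones, pass the text of each .db file to lint_spf() instead of SAMPLE_ZONE.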
 