From 5169ecec073c4172327ce974830633e4fa1fdabb Mon Sep 17 00:00:00 2001 From: VC Date: Fri, 5 Jul 2024 11:53:54 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=A9=B9:=20shorten=20mail-related=20RR=20t?= =?UTF-8?q?o=203600s?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- roles/nsd/templates/zones/libertus.eu.zone.j2 | 10 +++++----- roles/nsd/templates/zones/mateu.be.zone.j2 | 14 +++++++------- roles/nsd/templates/zones/nintendojo.fr.zone.j2 | 8 ++++---- roles/nsd/templates/zones/pipoworld.fr.zone.j2 | 10 +++++----- roles/nsd/templates/zones/sebicomics.com.zone.j2 | 8 ++++---- 5 files changed, 25 insertions(+), 25 deletions(-) diff --git a/roles/nsd/templates/zones/libertus.eu.zone.j2 b/roles/nsd/templates/zones/libertus.eu.zone.j2 index 4211e4b..8e53cec 100644 --- a/roles/nsd/templates/zones/libertus.eu.zone.j2 +++ b/roles/nsd/templates/zones/libertus.eu.zone.j2 @@ -12,20 +12,20 @@ $TTL 86400 {% endfor %} $ORIGIN {{ item.name }}. + IN CAA 0 issue "letsencrypt.org" IN MX 1 mail.dmz.mateu.be. 3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all" 3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all" - IN CAA 0 issue "letsencrypt.org" -_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" -_dmarc.p IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +_dmarc 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +dkim._domainkey 3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" _jabber._tcp IN SRV 0 0 5269 jabber.dmz.mateu.be. _xmpp-client._tcp IN SRV 0 0 5222 jabber.dmz.mateu.be. _xmpp-server._tcp IN SRV 0 0 5269 jabber.dmz.mateu.be. _xmppconnect IN TXT "_xmpp-client-xbosh=https://xmpp.libertus.eu/http-bind" altsrv IN CNAME ks3370405.kimsufi.com. -dkim._domainkey IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" -dkim._domainkey.p IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" p IN MX 1 mail.dmz.mateu.be. p 3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all" p 3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all" +_dmarc.p 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +dkim._domainkey.p 3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" {{ web_hostname_block }} diff --git a/roles/nsd/templates/zones/mateu.be.zone.j2 b/roles/nsd/templates/zones/mateu.be.zone.j2 index da4ceb1..13d523a 100644 --- a/roles/nsd/templates/zones/mateu.be.zone.j2 +++ b/roles/nsd/templates/zones/mateu.be.zone.j2 @@ -14,11 +14,16 @@ $TTL 86400 {% endfor %} $ORIGIN {{ item.name }}. + IN CAA 0 issue "letsencrypt.org" IN MX 1 mail.dmz.mateu.be. 3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all" 3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all" - IN CAA 0 issue "letsencrypt.org" -_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +_dmarc 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +dkim._domainkey 3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" +libertus.eu._report._dmarc 3600 IN TXT "v=DMARC1;" +nintendojo.fr._report._dmarc 3600 IN TXT "v=DMARC1;" +p.libertus.eu._report._dmarc 3600 IN TXT "v=DMARC1;" +pipoworld.fr._report._dmarc 3600 IN TXT "v=DMARC1;" altsrv IN CNAME ks3370405.kimsufi.com. backup IN A 10.233.212.60 baybay-ponay IN AAAA 2a01:e0a:9bd:2810:9e6b:ff:fe13:ef88 @@ -26,7 +31,6 @@ bt.dmz IN A 82.66.135.228 bt.dmz IN AAAA 2a01:e0a:9bd:2811::3 ciol IN A 109.190.68.133 derdriu IN A 10.233.212.77 -dkim._domainkey IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" dns1.dmz IN A 82.66.135.228 dns1-v4.dmz IN A 82.66.135.228 dns1.dmz IN AAAA 2a01:e0a:9bd:2811::16 @@ -53,7 +57,6 @@ haproxy.dmz IN AAAA 2a01:e0a:9bd:2811::2 imprimante IN A 10.233.212.94 jabber.dmz IN A 82.66.135.228 jabber.dmz IN AAAA 2a01:e0a:9bd:2811::10 -libertus.eu._report._dmarc IN TXT "v=DMARC1;" machinbox IN A 82.66.135.228 machinbox IN AAAA 2a01:e0a:9bd:2810::1 mail-relay IN A 37.187.5.75 @@ -65,13 +68,10 @@ masto1.dmz IN AAAA 2a01:e0a:9bd:2811::19 munin.dmz IN A 82.66.135.228 munin.dmz IN AAAA 2a01:e0a:9bd:2811::12 nfs IN A 10.233.212.60 -nintendojo.fr._report._dmarc IN TXT "v=DMARC1;" nsd-master1.ext IN A 51.158.238.190 nsd-master1-v4.ext IN A 51.158.238.190 nsd-master1.ext IN AAAA 2001:bc8:5090:5bb:dc00:ff:fe20:8869 nsd-master1-v6.ext IN AAAA 2001:bc8:5090:5bb:dc00:ff:fe20:8869 -p.libertus.eu._report._dmarc IN TXT "v=DMARC1;" -pipoworld.fr._report._dmarc IN TXT "v=DMARC1;" pt1.dmz IN A 82.66.135.228 pt1.dmz IN AAAA 2a01:e0a:9bd:2811::20 rb IN A 194.156.203.253 diff --git a/roles/nsd/templates/zones/nintendojo.fr.zone.j2 b/roles/nsd/templates/zones/nintendojo.fr.zone.j2 index d4c0f1a..9cb896c 100644 --- a/roles/nsd/templates/zones/nintendojo.fr.zone.j2 +++ b/roles/nsd/templates/zones/nintendojo.fr.zone.j2 @@ -12,14 +12,14 @@ $TTL 86400 {% endfor %} $ORIGIN {{ item.name }}. - IN MX 1 mail.dmz.mateu.be. + IN CAA 0 issue "letsencrypt.org" IN A 82.66.135.228 IN AAAA 2a01:e0a:9bd:2811::6 + IN MX 1 mail.dmz.mateu.be. 3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all" 3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all" 3600 IN TXT "google-site-verification=rIe1fnrQnv-E1H8qsMtEIhM4XYUqCELshWH9pHkwPBI" - IN CAA 0 issue "letsencrypt.org" -_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" -dkim._domainkey IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" +_dmarc 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +dkim._domainkey 3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" mumble IN CNAME voice1.dmz.mateu.be. {{ web_hostname_block }} diff --git a/roles/nsd/templates/zones/pipoworld.fr.zone.j2 b/roles/nsd/templates/zones/pipoworld.fr.zone.j2 index 24ae816..74d5ce8 100644 --- a/roles/nsd/templates/zones/pipoworld.fr.zone.j2 +++ b/roles/nsd/templates/zones/pipoworld.fr.zone.j2 @@ -12,10 +12,10 @@ $TTL 86400 {% endfor %} $ORIGIN {{ item.name }}. - IN MX 1 mail.dmz.mateu.be. - 600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all" - 600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all" IN CAA 0 issue "letsencrypt.org" -_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" -dkim._domainkey IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" + IN MX 1 mail.dmz.mateu.be. + 3600 IN TXT "spf2.0/mfrom mx a:ks3370405.kimsufi.com -all" + 3600 IN TXT "v=spf1 mx a:ks3370405.kimsufi.com -all" +_dmarc 3600 IN TXT "v=DMARC1; p=reject; rua=mailto:postmaster@mateu.be; adkim=s; aspf=s" +dkim._domainkey 3600 IN TXT "v=DKIM1; k=rsa; t=s; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCv3kGIw5015Q35LLbkGwaBE+wC0PseodezDdkoGwzRsazEWINv1bg0mCIjtDbXLpv5VgRSynRyB+764i15DoFJp6mabcHlXxQVBWMClAtCJ9+Fn6SEwQjFbQeuFVQKH3xMwIq0S+ggP7qhFTaiLBn909Fi8oEMXGvqbBSlvoaeJwIDAQAB" {{ web_hostname_block }} diff --git a/roles/nsd/templates/zones/sebicomics.com.zone.j2 b/roles/nsd/templates/zones/sebicomics.com.zone.j2 index 561bd18..a8bb651 100644 --- a/roles/nsd/templates/zones/sebicomics.com.zone.j2 +++ b/roles/nsd/templates/zones/sebicomics.com.zone.j2 @@ -13,11 +13,11 @@ $TTL 86400 $ORIGIN {{ item.name }}. @ IN CAA 0 issue "letsencrypt.org" -@ IN MX 0 . @ IN A 82.66.135.228 @ IN AAAA 2a01:e0a:9bd:2811::17 -@ IN TXT "v=spf1 -all" -@ IN TXT "spf2.0/mfrom -all" +@ IN MX 0 . +@ 3600 IN TXT "v=spf1 -all" +@ 3600 IN TXT "spf2.0/mfrom -all" +_dmarc 3600 IN TXT "v=DMARC1;p=reject;pct=100;sp=reject;aspf=s;" @ IN TXT "google-site-verification=Ptj7up6CWDNVy_AQjKrJf9yY08Tu7OTE30XIgG-ISGU" -_dmarc IN TXT "v=DMARC1;p=reject;pct=100;sp=reject;aspf=s;" {{ web_hostname_block }}