Config option to use SPF records

2026-06-28 15:00:25 +01:00 · 2013-02-22 14:09:09 -08:00
parent 7fd6dd2943
commit 32db124487
56 changed files with 60 additions and 5 deletions
--- a/bind8/config-CentOS-Linux-6.0-*
+++ b/bind8/config-CentOS-Linux-6.0-*
@@ -52,3 +52,4 @@ dnssectools_rollrec=/var/named/system.rollrec
 dnssectools_keydir=/var/named/dtkeys
 dnssectools_rollmgr_pidfile=/var/run/rollmgr.pid
 force_random=0
+spf_record=0
--- a/bind8/config-Redhat-Enterprise-Linux-6.0-*
+++ b/bind8/config-Redhat-Enterprise-Linux-6.0-*
@@ -45,3 +45,4 @@ checkconf=named-checkconf
 other_slaves=1
 restart_cmd=restart
 force_random=0
+spf_record=0
--- a/bind8/config-Scientific-Linux-6.0-*
+++ b/bind8/config-Scientific-Linux-6.0-*
@@ -45,3 +45,4 @@ checkconf=named-checkconf
 other_slaves=1
 restart_cmd=restart
 force_random=0
+spf_record=0
--- a/bind8/config-aix
+++ b/bind8/config-aix
@@ -36,3 +36,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-cobalt-linux
+++ b/bind8/config-cobalt-linux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-coherent-linux
+++ b/bind8/config-coherent-linux
@@ -42,3 +42,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-corel-linux
+++ b/bind8/config-corel-linux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-debian-linux
+++ b/bind8/config-debian-linux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-debian-linux-2.2
+++ b/bind8/config-debian-linux-2.2
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-debian-linux-3.0
+++ b/bind8/config-debian-linux-3.0
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-debian-linux-3.1-*
+++ b/bind8/config-debian-linux-3.1-*
@@ -42,3 +42,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-freebsd-2.1-2.2
+++ b/bind8/config-freebsd-2.1-2.2
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-freebsd-3.0
+++ b/bind8/config-freebsd-3.0
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-freebsd-3.1-3.5
+++ b/bind8/config-freebsd-3.1-3.5
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-freebsd-4.0-*
+++ b/bind8/config-freebsd-4.0-*
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-generic-linux
+++ b/bind8/config-generic-linux
@@ -39,3 +39,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-gentoo-linux
+++ b/bind8/config-gentoo-linux
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-hpux
+++ b/bind8/config-hpux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-irix
+++ b/bind8/config-irix
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-macos
+++ b/bind8/config-macos
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-macos-1.3-*
+++ b/bind8/config-macos-1.3-*
@@ -39,3 +39,4 @@ checkconf=named-checkconf
 other_slaves=1
 pid_file=/var/run/named/named.pid /private/var/run/named/named.pid
 force_random=0
+spf_record=0
--- a/bind8/config-mandrake-linux
+++ b/bind8/config-mandrake-linux
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-mandrake-linux-10.2-*
+++ b/bind8/config-mandrake-linux-10.2-*
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-msc-linux
+++ b/bind8/config-msc-linux
@@ -40,3 +40,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-netbsd
+++ b/bind8/config-netbsd
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-open-linux
+++ b/bind8/config-open-linux
@@ -40,3 +40,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-openbsd-2.5-3.1
+++ b/bind8/config-openbsd-2.5-3.1
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-openbsd-3.2-*
+++ b/bind8/config-openbsd-3.2-*
@@ -39,3 +39,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-openmamba-linux
+++ b/bind8/config-openmamba-linux
@@ -40,3 +40,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-openserver
+++ b/bind8/config-openserver
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-osf1
+++ b/bind8/config-osf1
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-pardus-linux
+++ b/bind8/config-pardus-linux
@@ -43,3 +43,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-redhat-linux
+++ b/bind8/config-redhat-linux
@@ -40,3 +40,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-redhat-linux-10.0
+++ b/bind8/config-redhat-linux-10.0
@@ -45,3 +45,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-redhat-linux-11.0-23.0
+++ b/bind8/config-redhat-linux-11.0-23.0
@@ -45,3 +45,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-redhat-linux-24.0-*
+++ b/bind8/config-redhat-linux-24.0-*
@@ -45,3 +45,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-redhat-linux-7.1-9.0
+++ b/bind8/config-redhat-linux-7.1-9.0
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-slackware-linux
+++ b/bind8/config-slackware-linux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-slackware-linux-8.0-*
+++ b/bind8/config-slackware-linux-8.0-*
@@ -39,3 +39,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-sol-linux
+++ b/bind8/config-sol-linux
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-solaris
+++ b/bind8/config-solaris
@@ -39,3 +39,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-solaris-10-*
+++ b/bind8/config-solaris-10-*
@@ -39,3 +39,4 @@ signzone=/usr/bin/dnssec-signzone
 checkconf=/usr/bin/named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-solaris-7-9
+++ b/bind8/config-solaris-7-9
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-suse-linux
+++ b/bind8/config-suse-linux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-suse-linux-8.2
+++ b/bind8/config-suse-linux-8.2
@@ -43,3 +43,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-suse-linux-9.0-9.2
+++ b/bind8/config-suse-linux-9.0-9.2
@@ -44,3 +44,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-suse-linux-9.3-*
+++ b/bind8/config-suse-linux-9.3-*
@@ -46,3 +46,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-trustix-linux
+++ b/bind8/config-trustix-linux
@@ -45,3 +45,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-trustix-linux-2.1
+++ b/bind8/config-trustix-linux-2.1
@@ -45,3 +45,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-trustix-linux-2.2-*
+++ b/bind8/config-trustix-linux-2.2-*
@@ -45,3 +45,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-turbo-linux
+++ b/bind8/config-turbo-linux
@@ -38,3 +38,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-united-linux
+++ b/bind8/config-united-linux
@@ -41,3 +41,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-unixware
+++ b/bind8/config-unixware
@@ -39,3 +39,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config-windows
+++ b/bind8/config-windows
@@ -56,3 +56,4 @@ signzone=dnssec-signzone
 checkconf=named-checkconf
 other_slaves=1
 force_random=0
+spf_record=0
--- a/bind8/config.info
+++ b/bind8/config.info
@@ -43,6 +43,7 @@ confirm_zone=Confirm before deleting zones?,1,1-Yes,0-No
 confirm_rec=Confirm before deleting records?,1,1-Yes,0-No
 free_nets=IP networks for free addresses,3,Automatic
 force_random=Entropy source for DNSSEC keys,1,1-/dev/random (Secure but slow),0-/dev/urandom (Possibly insecure but fast)
+spf_record=Real record type for Sender Permitted From,1,1-SPF,0-TXT

 line2.5=Cluster slave servers,11
 this_ip=Default master server IP for remote slave zones,3,IP address of hostname
--- a/bind8/records-lib.pl
+++ b/bind8/records-lib.pl
@@ -382,7 +382,7 @@ splice(@$lref, $_[1]->{'line'}, 1);
 # Returns a string for some zone record
 sub make_record
 {
-local $type = $_[3] eq "SPF" ? "TXT" : $_[3];
+local $type = $_[3] eq "SPF" && !$config{'spf_record'} ? "TXT" : $_[3];
 return $_[0] . ($_[1] ? "\t$_[1]" : "") . "\t$_[2]\t$type\t$_[4]" .
       ($_[5] ? "\t;$_[5]" : "");
 }
@@ -710,15 +710,15 @@ foreach my $s ("a", "mx", "ip4", "ip6", "ptr", "include", "exists") {
 		}
 	}
 push(@rv, @{$spf->{'other'}});
-if ($spf->{'all'} == 3) { push(@rv, "-all"); }
-elsif ($spf->{'all'} == 2) { push(@rv, "~all"); }
-elsif ($spf->{'all'} == 1) { push(@rv, "?all"); }
-elsif ($spf->{'all'} eq '0') { push(@rv, "all"); }
 foreach my $m ("redirect", "exp") {
 	if ($spf->{$m}) {
 		push(@rv, $m."=".$spf->{$m});
 		}
 	}
+if ($spf->{'all'} == 3) { push(@rv, "-all"); }
+elsif ($spf->{'all'} == 2) { push(@rv, "~all"); }
+elsif ($spf->{'all'} == 1) { push(@rv, "?all"); }
+elsif ($spf->{'all'} eq '0') { push(@rv, "all"); }
 local @rvwords;
 local $rvword;
 while(@rv) {