bind_add_dkim_zone_master.sh: Support adding DKIM zone even if zone is not yet official responsible.

create_master_zone_file.sh: Change default _dmarc TXT record fro 'p=reject' to 'p=none'.
create_master_zone_file.sh: Fix error in writing SPF TXT record.
2025-11-05 22:10:19 +01:00 · 2024-03-13 18:53:55 +01:00 · 2024-03-13 18:51:03 +01:00
2 changed files with 58 additions and 38 deletions
--- a/bind_add_dkim_zone_master.sh
+++ b/bind_add_dkim_zone_master.sh
@@ -96,6 +96,12 @@ usage() {
   -k <tsig key name>
      Name of the TSIG key used for dynamical updates.
   -m <dns_master>
      Main Domains Master DNS Server
   -s <dns_slave>
      Main Domains Slave DNS Server
 	-t <allow-transfer options>
 		allow-transfer for zone declaration. Possible values are ip-address(es) 
 		or existing 'acl' defininition(s).
@@ -290,6 +296,10 @@ while getopts hk:qt: opt ; do
            ;;
      k)    TSIG_KEY_NAME="$OPTARG"
            ;;
      m)    DNS_MASTER="$OPTARG"
            ;;
      s)    DNS_SLAVE="$OPTARG"
            ;;
      q)    verbose=true
            ;;
      t)    ALLOW_TRANSFER_OPTION="$OPTARG"
@@ -430,18 +440,22 @@ fi
 # - Get DNS server
 # -
 echononl "Get responsible zone for domain '$dkim_domain'.."
-found=true
+if [[ -n "${DNS_MASTER}" ]] && [[ -n "${DNS_SLAVE}" ]] ; then
-zone="${dkim_domain}"
+   echo_skipped
-dns_servers="$(dig +short $zone NS 2>/dev/null)"
+   dns_server_arr=("${DNS_MASTER}" "${DNS_SLAVE}")
-while [[ -z "$dns_servers" ]] ; do
+else
   found=true
   zone="${dkim_domain}"
   dns_servers="$(dig +short $zone NS 2>/dev/null)"
   while [[ -z "$dns_servers" ]] ; do
      zone=${zone#*.}
      if [[ ! $zone =~ \. ]]; then
         found=false
         break
      fi
      dns_servers="$(dig +short $zone NS 2>/dev/null)"
-done
+   done
-if $found ; then
+   if $found ; then
      echo_ok
      info "Found responsible zone for '${dkim_domain}': \033[37m\033[1m${zone}\033[m"
      echononl "Get nameservers for domain '${zone}'.."
@@ -462,10 +476,11 @@ if $found ; then
            info "Found nameservers \033[37m\033[1m${_tmp_dns_server}\033[m"
         fi
      done
-else
+   else
      echo_failed
      error "No responsible zone for '$dkim_domain' found!"
      clean_up 16
   fi
 fi
--- a/create_master_zone_file.sh
+++ b/create_master_zone_file.sh
@@ -740,12 +740,12 @@ EOF
 ;
 ; TXT (u.a. SPF)
 ;
-@               3600 IN TXT   "v=spf1 a mx mx:lists.warenform.de mx mx:lists.oopen.de mx:lists.initiativenserver.de mx:listi.jpberlin.de ~all"
+@               3600 IN TXT   "v=spf1 a mx mx:lists.warenform.de mx:lists.oopen.de mx:lists.initiativenserver.de mx:listi.jpberlin.de ~all"
 ;
 ; DMARC
 ;
-_dmarc               IN TXT   "v=DMARC1; p=reject;"
+_dmarc               IN TXT   "v=DMARC1; p=none;"
 EOF
 elif [[ -n "${DEFAULT_MX_HOST_1}" ]] ; then
   cat << EOF >> "${ZONE_FILE_MASTER_DIR}/${DOMAIN}.zone"
@@ -759,7 +759,12 @@ elif [[ -n "${DEFAULT_MX_HOST_1}" ]] ; then
 ;
 ; TXT (u.a. SPF)
 ;
-;@               3600 IN TXT   "v=spf1 a mx ~all"
+;@               3600 IN TXT   "v=spf1 a mx mx:lists.warenform.de mx:lists.oopen.de mx:lists.initiativenserver.de mx:listi.jpberlin.de ~all"
 ;
 ; DMARC
 ;
 ;_dmarc               IN TXT   "v=DMARC1; p=none;"
 EOF
 fi
Author	SHA1	Message	Date
Christoph	fc1de89b2b	bind_add_dkim_zone_master.sh: Support adding DKIM zone even if zone is not yet official responsible.	2025-11-05 22:10:19 +01:00
Christoph	27edc58ca6	create_master_zone_file.sh: Change default _dmarc TXT record fro 'p=reject' to 'p=none'.	2024-03-13 18:53:55 +01:00
Christoph	1c0d066e65	create_master_zone_file.sh: Fix error in writing SPF TXT record.	2024-03-13 18:51:03 +01:00