From b601c12b7d218c662a538cbd40d21bb0cc5c3f3f Mon Sep 17 00:00:00 2001 From: Egor Savkin Date: Fri, 26 Jul 2024 17:46:54 +0800 Subject: [PATCH] Add SPF and update mail DKIM key so that postfix will be used instead of nginx for mail forwarding Signed-off-by: Egor Savkin --- nixbld-etc-nixos/configuration.nix | 2 +- nixbld-etc-nixos/named/m-labs-intl.com | 3 ++- nixbld-etc-nixos/named/m-labs.hk | 4 +++- 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/nixbld-etc-nixos/configuration.nix b/nixbld-etc-nixos/configuration.nix index 2e71daa..24c2b55 100644 --- a/nixbld-etc-nixos/configuration.nix +++ b/nixbld-etc-nixos/configuration.nix @@ -1173,7 +1173,7 @@ in enable = true; localDnsResolver = false; # conflicts with dnsmasq fqdn = "mail.m-labs.hk"; - domains = [ "m-labs.hk" "m-labs.ph" "193thz.com" "malloctech.fr" "m-labs-intl.com" ]; + domains = [ "m-labs.hk" "m-labs.ph" "193thz.com" "malloctech.fr" ]; enablePop3 = true; enablePop3Ssl = true; certificateScheme = "acme-nginx"; diff --git a/nixbld-etc-nixos/named/m-labs-intl.com b/nixbld-etc-nixos/named/m-labs-intl.com index fca72bd..f11f41d 100644 --- a/nixbld-etc-nixos/named/m-labs-intl.com +++ b/nixbld-etc-nixos/named/m-labs-intl.com @@ -15,10 +15,11 @@ $TTL 7200 AAAA 2a01:4ff:1f0:83de::1 MX 10 mail.m-labs-intl.com. + TXT "v=spf1 mx -all" mail A 5.78.86.156 mail AAAA 2a01:4ff:1f0:83de::1 -mail._domainkey TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl38A/Z0IInVU157qzrWgMfYm2iDHoWZsTyiiOoZdT7kHMzS/M2OMXMt7r5g1/7pCPClsGUDJvKGqVMmjJuPleMyKHwpGeT92qDNEFpt6ahneap/oYx5eBYM/vGcgmleNxyIoBHsptaZvqD4vCEFaC22f8UL5QAgQD3wCH3FwlpQIDAQAB" +mail._domainkey TXT "v=DKIM1; h=sha256; k=rsa; t=y; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TBwMZv41/zbxAifWeT+JLrhJmJpZYjfV5YXb74nocDf+A8GiKmqu6C4fvh9hCozdLKeSzqxxwyEe/MmedX9ToIpGpXjHlW6qraCeknc4jSjvljVjj2HgOAHWeQSWy9MdUzxKmK9CTB0INXsm34WbyY+fSRDHAUQj60eCwlXAOxqhp9KsndI9kQW+CtkN7xjmyqzU1hLFCtZAleq+zTLCPbAFG7nigxfjM7qBBP8FodTkDv6Wz5hW4wqlIKJygBXoq5yYLQ/UyPhwLpTEAN6pxRVWmwXF4PROTmZ4Cd+RTLvm2CB5N6J9dVVjeVbAaYI/6cNPdB84tZZKYHGhE9nvwIDAQAB" _dmarc TXT "v=DMARC1; p=none" ns A 94.190.212.123 diff --git a/nixbld-etc-nixos/named/m-labs.hk b/nixbld-etc-nixos/named/m-labs.hk index ded4217..776cb5c 100644 --- a/nixbld-etc-nixos/named/m-labs.hk +++ b/nixbld-etc-nixos/named/m-labs.hk @@ -24,7 +24,9 @@ $TTL 7200 mail A 94.190.212.123 mail A 202.77.7.238 mail AAAA 2001:470:18:390::2 -mail._domainkey TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl38A/Z0IInVU157qzrWgMfYm2iDHoWZsTyiiOoZdT7kHMzS/M2OMXMt7r5g1/7pCPClsGUDJvKGqVMmjJuPleMyKHwpGeT92qDNEFpt6ahneap/oYx5eBYM/vGcgmleNxyIoBHsptaZvqD4vCEFaC22f8UL5QAgQD3wCH3FwlpQIDAQAB" +mail._domainkey IN TXT ( "v=DKIM1; h=sha256; k=rsa; t=y; " + "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TBwMZv41/zbxAifWeT+JLrhJmJpZYjfV5YXb74nocDf+A8GiKmqu6C4fvh9hCozdLKeSzqxxwyEe/MmedX9ToIpGpXjHlW6qraCeknc4jSjvljVjj2HgOAHWeQSWy9MdUzxKmK9CTB0INXsm34WbyY+fSRDHAUQj60eCwlXAOxqhp9KsndI9kQW+CtkN7xjmyqzU1hLFCtZAl" + "eq+zTLCPbAFG7nigxfjM7qBBP8FodTkDv6Wz5hW4wqlIKJygBXoq5yYLQ/UyPhwLpTEAN6pxRVWmwXF4PROTmZ4Cd+RTLvm2CB5N6J9dVVjeVbAaYI/6cNPdB84tZZKYHGhE9nvwIDAQAB" ) ; ----- DKIM key mail for m-labs-intl.com _dmarc TXT "v=DMARC1; p=none" lab CNAME @