[AlternC-dev] After DKIM, let's DMARC & SPF ?

Retour à l'archive de la liste
Le site d'AlternC
Google Custom Search

Benjamin Sonntag benjamin at sonntag.fr
Mer 17 Juin 20:43:17 CEST 2015


Hi all,

since AlternC 3.1, we are automatically publishing DNS records and sign with DKIM emails sent by the server, for domains where we host DNS and EMAIL locally.

Thanks to TXT records in advanced subdomains, we also can declare SPF records through the web interface, but one's need to do it, and to know what SPF is.

Since it is more and more required by big email providers such as Google, Hotmail/Microsoft and Yahoo, I propose that we also declare SPF and DMARC records automatically from 3.1.7 / 3.2.7

My proposal is as follow:

- we declare 2 new variables : default_spf_value and default_dmarc_value, that can have some substitutions like %%DOMAIN%% %%ADMINMAIL%% %%USERMAIL%%...
- we add hooks on set_variable so that we can propagate changes when we change a variable
- the email class would have a function called for one or every domains in the following hooks:
  hook_add_mx_doamain hook_del_mx_domain hook_variable_set
that would create or update or delete TXT records in sub_domaines accordingly,
- the hooks would NOT update the SPF/DMARC record if it has been changed manually through the DNS edit interface.

- the default values for the variables would be "relax", saying that anything violating the SPF or DMARC rules would not be a problem.
- of course, the admin account could choose more strict rules that would be applied on every installed domain.

DMARC Specification: http://dmarc.org/resources/specification/
DMARC at Google: https://support.google.com/a/answer/2466563?hl=en
SPF: http://www.openspf.org/SPF_Record_Syntax

I'd like to get your opinion on this feature




regards,

Benjamin


Plus d'informations sur la liste de diffusion Dev