smck83 / expurgate-solo Goto Github PK
View Code? Open in Web Editor NEWA single self-hosted dockerized SPF solution built on rbldnsd to simplify, hide and exceed limits with SPF records.
A single self-hosted dockerized SPF solution built on rbldnsd to simplify, hide and exceed limits with SPF records.
Hi.
I set the parameters as specified on the README and changed the DNS on my domain, but is not working.
I used https://vamsoft.com/support/tools/spf-policy-tester to test my policy.
The part +1 msDomain argument after macro expansion: "116.223.107.40.116.223.107.40.domain.cc._spf.domain.cc._spf.domain.cc". seems to be duplicated and causing error.
+0 msSPF check starting.
IP: 40.107.223.116
Sender: [email protected]
Domain: domain.cc
EHLO/HELO domain:
+0 msTXT record found.
Line #1: "v=spf1 include:%{ir}.%{d}._spf.domain.cc -all"
+0 msStarting SPF policy evaluation.
Policy: "v=spf1 include:%{ir}.%{d}._spf.domain.cc -all"
+0 msThe policy passed syntax validation.
+0 msEvaluating SPF mechanisms.
+0 msEvaluating mechanism "include".
Qualifier: "pass"
Domain argument: "%{ir}.%{d}._spf.domain.cc"
DNS limits status: DNS terms 0 of 10 allowed. Void lookups 0 of 2 allowed. See RFC7208 Section 4.6.4.
+0 msDomain argument after macro expansion: "116.223.107.40.domain.cc._spf.domain.cc".
+0 msEntering recursive evaluation.
+0 msSPF check starting.
IP: 40.107.223.116
Sender: [email protected]
Domain: 116.223.107.40.domain.cc._spf.domain.cc
EHLO/HELO domain:
+0 msRetrieving DNS TXT record for "116.223.107.40.domain.cc._spf.domain.cc".
+99 msTXT record found.
Line #1: "v=spf1 include:%{ir}.%{d}._spf.domain.cc -all"
+0 msStarting SPF policy evaluation.
Policy: "v=spf1 include:%{ir}.%{d}._spf.domain.cc -all"
+0 msThe policy passed syntax validation.
+0 msEvaluating SPF mechanisms.
+0 msEvaluating mechanism "include".
Qualifier: "pass"
Domain argument: "%{ir}.%{d}._spf.domain.cc"
DNS limits status: DNS terms 1 of 10 allowed. Void lookups 0 of 2 allowed. See RFC7208 Section 4.6.4.
+1 msDomain argument after macro expansion: "116.223.107.40.116.223.107.40.domain.cc._spf.domain.cc._spf.domain.cc".
+0 msEntering recursive evaluation.
+0 msSPF check starting.
IP: 40.107.223.116
Sender: [email protected]
Domain: 116.223.107.40.116.223.107.40.domain.cc._spf.domain.cc._spf.domain.cc
EHLO/HELO domain:
+0 msRetrieving DNS TXT record for "116.223.107.40.116.223.107.40.domain.cc._spf.domain.cc._spf.domain.cc".
+98 msNo SPF policy was found in (no TXT record).
+0 msPolicy evaluation finished with SPF "none". No SPF policy was found.
+0 msReturned from recursive evaluation.
+0 msThe "include" mechanism returned with SPF "none" result. Returning SPF "permerror".
+0 msFinished SPF policy evaluation.
DNS limits status: DNS terms 2 of 10 allowed. Void lookups 0 of 2 allowed. See RFC7208 Section 4.6.4.
+0 msThere was an error during the policy evaluation.
Error message: "The "include" mechanism returned with SPF "none" result. Returning SPF "permerror"."
+0 msPolicy evaluation finished with SPF "permerror".
+0 msReturned from recursive evaluation.
+0 msThe "include" mechanism returned with SPF "permerror" result. Returning SPF "permerror".
+0 msFinished SPF policy evaluation.
DNS limits status: DNS terms 2 of 10 allowed. Void lookups 0 of 2 allowed. See RFC7208 Section 4.6.4.
+0 msThere was an error during the policy evaluation.
Error message: "The "include" mechanism returned with SPF "none" result. Returning SPF "permerror"."
+0 msPolicy evaluation finished with SPF "permerror".
TEST SUMMARY
The evaluation completed in 198 ms, with 4 errors and 0 warning.
Result: SPF permerror
Permanent error. Fixing the problem requires intervention of the policy publisher.
Error message: "The "include" mechanism returned with SPF "none" result. Returning SPF "permerror"."
Hi.
I have a few domains and tried to create one NS entry on each DNS and put the SPF v=spf1 include:%{ir}.%{d}._spf.yourdomain.com -all, but the only one working is the one which I put in the ZONE setting. Is there any way to make the expurgate to respond to N domains instead of only one? My idea is each domain will use their own NS.
Hi there,
This is not an issue, but more of a question.
If I have to use your script and serve SPF records for multiple domains from a single server/docker instance, what should I use in 'ZONE' option in the docker command?
For example, lets say I've got domains mydomain.com, mydomain.net and mydomain.org. Am assuming I have to:
copy existing spf record to
_sd6sdyfn.mydomain.com
_sd6sdyfn.mydomain.net
_sd6sdyfn.mydomain.org
Run the command:
docker run -t -p 9001:9001 -p 53:53/udp -e ZONE=_spf -e MY_DOMAINS="mydomain.com mydomain.net mydomain.org" -e SOURCE_PREFIX="_sd6sdyfn" --dns 1.1.1.1 --dns 8.8.8.8 smck83/expurgate-solo
Create a NS record pointing my server ip:
spf.ns.mydomain.net pointing to x.x.x.x
Change SPF record for each domain pointing to NS record
_spf.mydomain.com NS pointing to spf.ns.mydomain.net
_spf.mydomain.net NS pointing to spf.ns.mydomain.net
_spf.mydomain.org NS pointing to spf.ns.mydomain.net
Have I understood it correctly or do I need to make some changes to the 'ZONE' option in the docker command?
First of all, thanks for your work. Instead of paying and subscribing to similar services, am using your Expurgate-Solo. It helped me save some money and sorted out my email delivery issues.
Will the docker images work on ARM VMs and RPi?
Thanks,
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.