mirror of
				https://github.com/mail-in-a-box/mailinabox.git
				synced 2025-10-25 18:00:54 +00:00 
			
		
		
		
	softfail SPF
This commit is contained in:
		
							parent
							
								
									824db18c5e
								
							
						
					
					
						commit
						2d9aa20b36
					
				| @ -308,11 +308,12 @@ def build_zone(domain, domain_properties, additional_records, env, is_zone=True) | |||||||
| 		if not has_rec(None, "MX", prefix="10 "): | 		if not has_rec(None, "MX", prefix="10 "): | ||||||
| 			records.append((None,  "MX",  "10 %s." % env["PRIMARY_HOSTNAME"], "Required. Specifies the hostname (and priority) of the machine that handles @%s mail." % domain)) | 			records.append((None,  "MX",  "10 %s." % env["PRIMARY_HOSTNAME"], "Required. Specifies the hostname (and priority) of the machine that handles @%s mail." % domain)) | ||||||
| 
 | 
 | ||||||
| 		# SPF record: Permit the box ('mx', see above) to send mail on behalf of | 		# SPF record: Permit the box ('mx', see above) to send mail on behalf of the domain, | ||||||
| 		# the domain, and no one else. | 		# and no one else. Set to softfail because we also have DMARC and DKIM as discussed | ||||||
|  | 		# here: https://www.mailhardener.com/blog/why-mailhardener-recommends-spf-softfail-over-fail | ||||||
| 		# Skip if the user has set a custom SPF record. | 		# Skip if the user has set a custom SPF record. | ||||||
| 		if not has_rec(None, "TXT", prefix="v=spf1 "): | 		if not has_rec(None, "TXT", prefix="v=spf1 "): | ||||||
| 			records.append((None,  "TXT", 'v=spf1 mx -all', "Recommended. Specifies that only the box is permitted to send @%s mail." % domain)) | 			records.append((None,  "TXT", 'v=spf1 mx ~all', "Recommended. Specifies that only the box is permitted to send @%s mail." % domain)) | ||||||
| 
 | 
 | ||||||
| 		# Append the DKIM TXT record to the zone as generated by DKIMpy. | 		# Append the DKIM TXT record to the zone as generated by DKIMpy. | ||||||
| 		# Skip if the user has set a DKIM record already. | 		# Skip if the user has set a DKIM record already. | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user