Security/Domain: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
| (31 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==Tools » Install » SPF== | ==Tools » Install » SPF== | ||
<syntaxhighlight lang= | {|class='wikitable mw-collapsible' | ||
!scope='col' style='text-align:left' colspan='3'| | |||
Tools » Install » SPF | |||
|- | |||
|valign='top' colspan='3'| | |||
<syntaxhighlight lang='bash'> | |||
cat <<'EXE'| sudo bash | cat <<'EXE'| sudo bash | ||
echo && git clone https://github.com/jsarenik/spf-tools.git /opt/cli/spf-tools | echo && git clone https://github.com/jsarenik/spf-tools.git /opt/cli/spf-tools | ||
| Line 7: | Line 12: | ||
EXE | EXE | ||
</syntaxhighlight> | </syntaxhighlight> | ||
- | |- | ||
<syntaxhighlight lang= | |valign='top' colspan='3'| | ||
cat <<'CFG'| | <syntaxhighlight lang='bash'> | ||
cat <<'CFG'| tee ${HOME}/.spf-toolsrc >/dev/null | |||
DOMAIN=shahed.biz | DOMAIN=shahed.biz | ||
ORIG_SPF=spf.shahed.biz | ORIG_SPF=spf.shahed.biz | ||
| Line 16: | Line 22: | ||
DNS_SERVER=1.1.1.1 | DNS_SERVER=1.1.1.1 | ||
CFG | CFG | ||
</syntaxhighlight> | |||
|- | |||
|valign='top' style='width:34%'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX chorke.com | |||
dig TXT chorke.com | |||
/opt/cli/spf-tools/despf.sh chorke.com | |||
</syntaxhighlight> | |||
|valign='top' style='width:33%'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX chorke.org | |||
dig TXT chorke.org | |||
/opt/cli/spf-tools/despf.sh chorke.org | |||
</syntaxhighlight> | |||
|valign='top' style='width:33%'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX shahed.biz | |||
dig TXT shahed.biz | |||
/opt/cli/spf-tools/despf.sh shahed.biz | |||
</syntaxhighlight> | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX finology-group.com | |||
dig TXT finology-group.com | |||
/opt/cli/spf-tools/despf.sh finology-group.com | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX finology.com.my | |||
dig TXT finology.com.my | |||
/opt/cli/spf-tools/despf.sh finology.com.my | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX coverplus.io | |||
dig TXT coverplus.io | |||
/opt/cli/spf-tools/despf.sh coverplus.io | |||
</syntaxhighlight> | |||
|- | |||
|valign='top' colspan='3'| | |||
<syntaxhighlight lang='bash'> | |||
cd /opt/cli/spf-tools;./despf.sh chorke.org |./normalize.sh |./simplify.sh |./iprange.sh |./mkblocks.sh |./xsel.sh | |||
cd /opt/cli/spf-tools;./despf.sh chorke.org |./normalize.sh |./simplify.sh |./iprange.sh |./mkblocks.sh | |||
cd /opt/cli/spf-tools;./despf.sh chorke.org |./normalize.sh |./simplify.sh |./iprange.sh | |||
</syntaxhighlight> | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
cd /opt/cli/spf-tools;\ | |||
cat <<'SPF'| ./normalize.sh | |||
ip4:10.19.83.10/24 | |||
ip4:10.19.93.100/24 | |||
ip4:10.20.03.110/24 | |||
SPF | |||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
cd /opt/cli/spf-tools;\ | |||
cat <<'SPF'| ./simplify.sh | |||
ip4:10.19.83.1 | |||
ip4:10.19.83.100 | |||
ip4:10.19.83.0/24 | |||
SPF | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
cd /opt/cli/spf-tools;\ | |||
./despf.sh chorke.org | |||
./despf.sh chorke.org| \ | |||
./iprange.sh | |||
</syntaxhighlight> | |||
|} | |||
==Tools » Install » DKIM== | ==Tools » Install » DKIM== | ||
<syntaxhighlight lang= | {|class='wikitable mw-collapsible' | ||
!scope='col' style='text-align:left' colspan='3'| | |||
Tools » Install » DKIM | |||
|- | |||
|valign='top' colspan='3'| | |||
<syntaxhighlight lang='bash'> | |||
cat <<'EXE'| sudo bash | cat <<'EXE'| sudo bash | ||
apt-get update;echo | apt-get update;echo | ||
| Line 25: | Line 116: | ||
apt-get install -y opendkim-tools;echo;apt-get clean | apt-get install -y opendkim-tools;echo;apt-get clean | ||
EXE | EXE | ||
</syntaxhighlight> | |||
|- | |||
|valign='top' style='width:34%'| | |||
<syntaxhighlight lang='bash'> | |||
opendkim-testkey -d coverplus.io -vvv -s s1 | |||
opendkim-testkey -d coverplus.io -vvv -s s2 | |||
</syntaxhighlight> | |||
|valign='top' style='width:33%'| | |||
<syntaxhighlight lang='bash'> | |||
opendkim-testkey -d loanplus.io -vvv -s s1 | |||
opendkim-testkey -d loanplus.io -vvv -s s2 | |||
</syntaxhighlight> | </syntaxhighlight> | ||
|valign='top' style='width:33%'| | |||
<syntaxhighlight lang='bash'> | |||
opendkim-testkey -d loanstreet.com.my -vvv -s s1 | |||
opendkim-testkey -d loanstreet.com.my -vvv -s s2 | |||
</syntaxhighlight> | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
opendkim-testkey -d finology.com.my -vvv -s fn | |||
opendkim-testkey -d finology.com.my -vvv -s google | |||
opendkim-testkey -d finology.com.my -vvv -s ritesh | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
opendkim-testkey -d chorke.org -vvv -s google | |||
opendkim-testkey -d finology.group -vvv -s mail | |||
opendkim-testkey -d finology-group.com -vvv -s google | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
opendkim-genkey -b 2048 -d chorke.org -s s1 | |||
opendkim-genkey -b 2048 -d chorke.org -s s2 | |||
opendkim-genkey -b 2048 -d chorke.org -s mail | |||
</syntaxhighlight> | |||
|} | |||
==DNS » Record » TXT » SPF== | ==DNS » Record » TXT » SPF== | ||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='text-align:left' colspan='2'| | |||
DNS » Record » TXT » SPF | |||
|- | |||
|valign='top'style='width:50%'| | |||
'''SPF TXT Record Format''' | |||
v=spf1 ['''mechanism'''] ['''qualifier'''] ['''modifiers'''] ... | |||
{|class="wikitable" | |||
|- | |||
!scope="col" style='width:100px'| Mechanism | |||
!scope="col" style='width:220px'| Example | |||
!scope="col" style='width:370px'| Meaning | |||
|- | |||
| <code>ip4</code> || <code>ip4:192.0.2.1</code> || Allow a specific IPv4 address | |||
|- | |||
| <code>ip6</code> || <code>ip6:2001:db8::1</code> || Allow a specific IPv6 address | |||
|- | |||
| <code>a</code> || <code>a:example.com</code> || Allow IP from the A or AAAA record of domain | |||
|- | |||
| <code>mx</code> || <code>mx:example.com</code> || Allow mail servers listed in domain's MX records | |||
|- | |||
| <code>include</code> || <code>include:_spf.google.com</code> || Include SPF rules from another domain | |||
|- | |||
| <code>all</code> || <code>-all</code>, <code>~all</code>, <code>?all</code>, <code>+all</code> || Apply default rule to any unmatched sender | |||
|} | |||
{|class="wikitable" | |||
|- | |||
!scope="col" style='width:100px'| Qualifier | |||
!scope="col" style='width:100px'| Meaning | |||
!scope="col" style='width:200px'| Action | |||
!scope="col" style='width:280px'| Usage | |||
|- | |||
| <code>+all</code> || Pass || Accept mail from any IP || ☠️ Not recommended | |||
|- | |||
| <code>-all</code> || Hard fail || Reject non-matching IPs || ✅ Strict enforcement | |||
|- | |||
| <code>~all</code> || Soft fail || Accept but mark as spam || 👍 Recommended during rollout | |||
|- | |||
| <code>?all</code> || Neutral || No policy guidance || 🤷 Rare, for undefined policies | |||
|} | |||
{|class="wikitable" | |||
|- | |||
!scope="col" style='width:100px'| Modifier | |||
!scope="col" style='width:310px'| Description | |||
!scope="col" style='width:285px'| Example | |||
|- | |||
| <code>redirect</code> || Redirect SPF check to another domain || <code>redirect=_spf.example.com</code> | |||
|- | |||
| <code>exp</code> || Explanation domain for failed SPF || <code>exp=explain.example.com</code> | |||
|} | |||
|valign='top'style='width:50%'| | |||
# Run a Composite Check: | |||
#* [https://dmarcian.com/domain-checker/ DMARCian » Domain Checker] | |||
#* [https://easydmarc.com/tools/email-security-check EasyDMARC » Email Security Check] | |||
# Use SPF Flattening | |||
#* [https://easydmarc.com/tools/spf-flattening EasyDMARC » SPF Flattening] | |||
# Manually | |||
#*; Check for: | |||
#*: Proper -all ending | |||
#*: Lookup count ≤ 10 | |||
#*: No multiple TXT records | |||
#*: Only needed services included | |||
|} | |||
==DNS » Record » TXT » DKIM== | ==DNS » Record » TXT » DKIM== | ||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='text-align:left'| | |||
DNS » Record » TXT » DKIM | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
# Gmail » Google Workspace | |||
# Admin Console » Apps » Google Workspace » Gmail » Authenticate email » Selected domain » chorke.org » Generate New Record » Start Authentication | |||
</syntaxhighlight> | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
# Twilio SendGrid | |||
# Sender Authentication » Domain Authentication » <id>.chorke.org » DNS Records » Manual Install » Verify | |||
</syntaxhighlight> | |||
|} | |||
==Hard Fail SPF== | |||
{|class='wikitable mw-collapsible' | |||
!scope='col' style='text-align:left' colspan='2'| | |||
Hard Fail SPF | |||
|- | |||
|valign='top' style='width:50%'| | |||
<syntaxhighlight lang='yaml'> | |||
--- | |||
Type: MX | |||
Host/Name: @ | |||
Priority: 0 | |||
Value: . | |||
</syntaxhighlight> | |||
|valign='top' style='width:50%'| | |||
* Enforcing an '''SPF Hard Fail posture''' as part of our domain lock-down | |||
* We are implementing a strict '''deny-all''' SPF policy to harden our non-sending domains | |||
* Deploying a '''Zero-trust''' email configuration using a '''Null SPF''' record for parked domains | |||
|- | |||
|valign='top'| | |||
<syntaxhighlight lang='yaml'> | |||
--- | |||
Type: TXT | |||
Host/Name: @ | |||
Value: "v=spf1 -all" | |||
</syntaxhighlight> | |||
|valign='top'| | |||
<syntaxhighlight lang='yaml'> | |||
--- | |||
Type: TXT | |||
Host/Name: _dmarc | |||
Value: "v=DMARC1; p=reject; adkim=s; aspf=s; pct=100; rua=mailto:tool.tech@shahed.biz" | |||
</syntaxhighlight> | |||
|- | |||
|valign='top' colspan='2'| | |||
<syntaxhighlight lang='bash'> | |||
dig +short TXT _dmarc.shahed.biz | |||
dig +short TXT s1._domainkey.shahed.biz | |||
dig +short TXT s2._domainkey.shahed.biz | |||
opendkim-testkey -d shahed.biz -vvv -s s1 | |||
opendkim-testkey -d shahed.biz -vvv -s s2 | |||
setsid open https://mxtoolbox.com/SuperTool.aspx?action=dkim%3As1._domainkey.shahed.biz &run=toolpage >/dev/null 2>&1 & | |||
setsid open https://mxtoolbox.com/SuperTool.aspx?action=dkim%3As2._domainkey.shahed.biz &run=toolpage >/dev/null 2>&1 & | |||
</syntaxhighlight> | |||
|- | |||
|valign='top' colspan='2'| | |||
<syntaxhighlight lang='bash'> | |||
dig +short TXT shahed.biz | grep "v=spf1" | |||
(cd /opt/cli/spf-tools;./despf.sh shahed.biz) | |||
setsid open https://mxtoolbox.com/SuperTool.aspx?action=spf%3Ashahed.biz&run=toolpage >/dev/null 2>&1 & | |||
</syntaxhighlight> | |||
|} | |||
==Playground== | ==Playground== | ||
{| | {|class='wikitable mw-collapsible' | ||
| valign= | !scope='col' style='text-align:left' colspan='3'| | ||
<syntaxhighlight lang= | Playground | ||
|- | |||
|valign='top' style='width:34%'| | |||
<syntaxhighlight lang='bash'> | |||
dig MX chorke.org | dig MX chorke.org | ||
dig TXT chorke.org | dig TXT chorke.org | ||
| Line 40: | Line 311: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| valign= | |valign='top' style='width:33%'| | ||
<syntaxhighlight lang= | <syntaxhighlight lang='bash'> | ||
apt info opendkim-tools | apt info opendkim-tools | ||
apt search opendkim-tools | apt search opendkim-tools | ||
| Line 47: | Line 318: | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| valign= | |valign='top' style='width:33%'| | ||
<syntaxhighlight lang= | <syntaxhighlight lang='bash'> | ||
sudo git clone https://github.com/jsarenik/spf-tools.git \ | sudo git clone https://github.com/jsarenik/spf-tools.git \ | ||
/opt/cli/spf-tools | /opt/cli/spf-tools | ||
cd /opt/cli/spf-tools/ | cd /opt/cli/spf-tools/ | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|- | |- | ||
|valign='top'| | |||
<syntaxhighlight lang='bash'> | |||
dig TXT s1.domainkey.u5967707.wl208.sendgrid.net | |||
| valign= | dig TXT s2.domainkey.u5967707.wl208.sendgrid.net | ||
<syntaxhighlight lang= | |||
</syntaxhighlight> | </syntaxhighlight> | ||
| valign= | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight lang='bash'> | ||
</syntaxhighlight> | </syntaxhighlight> | ||
| valign= | |valign='top'| | ||
<syntaxhighlight lang= | <syntaxhighlight lang='bash'> | ||
</syntaxhighlight> | </syntaxhighlight> | ||
|} | |} | ||
==References== | ==References== | ||
{| | {|class='wikitable mw-collapsible' | ||
|valign='top'| | !scope='col' style='text-align:left' colspan='3'| | ||
References | |||
|- | |||
|valign='top' style='width:34%'| | |||
* [https://www.twilio.com/docs/sendgrid/ui/account-and-settings/dkim-records Security » Domain » DKIM » Explained] | |||
* [https://www.mail-tester.com/ Security » Domain » MX » Mail Tester] | * [https://www.mail-tester.com/ Security » Domain » MX » Mail Tester] | ||
* [https://easydmarc.com/tools/spf-flattening Security » Domain » SPF » Flattening] | |||
* [https://easydmarc.com/tools/email-security-check Security » Domain » DMARC » Email] | |||
* [https://dkimcore.org/tools/keycheck.html Security » Domain » DKIM » Core] | * [https://dkimcore.org/tools/keycheck.html Security » Domain » DKIM » Core] | ||
* [https://github.com/spf-tools/spf-tools Security » Domain » SPF » Tools] | * [https://github.com/spf-tools/spf-tools Security » Domain » SPF » Tools] | ||
| Line 82: | Line 357: | ||
* [https://toolbox.googleapps.com/apps/checkmx/ Security » Domain » MX] | * [https://toolbox.googleapps.com/apps/checkmx/ Security » Domain » MX] | ||
|valign='top'| | |valign='top' style='width:33%'| | ||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3Amail._domainkey.mail.finology.com.my&run=toolpage Security » Domain » DKIM » <code>mail.finology.com.my:mail</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3Agoogle._domainkey.finology-group.com&run=toolpage Security » Domain » DKIM » <code>finology-group.com:google</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3Agoogle._domainkey.finology.com.my&run=toolpage Security » Domain » DKIM » <code>finology.com.my:google</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3Agoogle._domainkey.chorke.com&run=toolpage Security » Domain » DKIM » <code>chorke.com:google</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3Agoogle._domainkey.chorke.org&run=toolpage Security » Domain » DKIM » <code>chorke.org:google</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3Agoogle._domainkey.shahed.biz&run=toolpage Security » Domain » DKIM » <code>shahed.biz:google</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3As1._domainkey.coverplus.io&run=toolpage Security » Domain » DKIM » <code>coverplus.io:s1</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=dkim%3As2._domainkey.coverplus.io&run=toolpage Security » Domain » DKIM » <code>coverplus.io:s2</code>] | |||
| | |valign='top' style='width:33%'| | ||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Amail.finology.com.my&run=toolpage Security » Domain » SPF » <code>mail.finology.com.my</code>] | |||
-- | * [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Afinology-group.com&run=toolpage Security » Domain » SPF » <code>finology-group.com</code>] | ||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Afinology.com.my&run=toolpage Security » Domain » SPF » <code>finology.com.my</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Acoverplus.io&run=toolpage Security » Domain » SPF » <code>coverplus.io</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Aloanplus.io&run=toolpage Security » Domain » SPF » <code>loanplus.io</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Achorke.com&run=toolpage Security » Domain » SPF » <code>chorke.com</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Achorke.org&run=toolpage Security » Domain » SPF » <code>chorke.org</code>] | |||
* [https://mxtoolbox.com/SuperTool.aspx?action=spf%3Ashahed.biz&run=toolpage Security » Domain » SPF » <code>shahed.biz</code>] | |||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
| Line 108: | Line 395: | ||
|valign='top'| | |valign='top'| | ||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
Latest revision as of 00:52, 19 January 2026
Tools » Install » SPF
|
Tools » Install » SPF | ||
|---|---|---|
cat <<'EXE'| sudo bash
echo && git clone https://github.com/jsarenik/spf-tools.git /opt/cli/spf-tools
echo && cd /opt/cli/spf-tools/
./despf.sh -h
EXE
| ||
cat <<'CFG'| tee ${HOME}/.spf-toolsrc >/dev/null
DOMAIN=shahed.biz
ORIG_SPF=spf.shahed.biz
DESPF_SKIP_DOMAINS=_spf.google.com:_spf.sendgrid.net
DNS_TIMEOUT=5
DNS_SERVER=1.1.1.1
CFG
| ||
dig MX chorke.com
dig TXT chorke.com
/opt/cli/spf-tools/despf.sh chorke.com
|
dig MX chorke.org
dig TXT chorke.org
/opt/cli/spf-tools/despf.sh chorke.org
|
dig MX shahed.biz
dig TXT shahed.biz
/opt/cli/spf-tools/despf.sh shahed.biz
|
dig MX finology-group.com
dig TXT finology-group.com
/opt/cli/spf-tools/despf.sh finology-group.com
|
dig MX finology.com.my
dig TXT finology.com.my
/opt/cli/spf-tools/despf.sh finology.com.my
|
dig MX coverplus.io
dig TXT coverplus.io
/opt/cli/spf-tools/despf.sh coverplus.io
|
cd /opt/cli/spf-tools;./despf.sh chorke.org |./normalize.sh |./simplify.sh |./iprange.sh |./mkblocks.sh |./xsel.sh
cd /opt/cli/spf-tools;./despf.sh chorke.org |./normalize.sh |./simplify.sh |./iprange.sh |./mkblocks.sh
cd /opt/cli/spf-tools;./despf.sh chorke.org |./normalize.sh |./simplify.sh |./iprange.sh
| ||
cd /opt/cli/spf-tools;\
cat <<'SPF'| ./normalize.sh
ip4:10.19.83.10/24
ip4:10.19.93.100/24
ip4:10.20.03.110/24
SPF
|
cd /opt/cli/spf-tools;\
cat <<'SPF'| ./simplify.sh
ip4:10.19.83.1
ip4:10.19.83.100
ip4:10.19.83.0/24
SPF
|
cd /opt/cli/spf-tools;\
./despf.sh chorke.org
./despf.sh chorke.org| \
./iprange.sh
|
Tools » Install » DKIM
|
Tools » Install » DKIM | ||
|---|---|---|
cat <<'EXE'| sudo bash
apt-get update;echo
apt list -a --upgradable;echo
apt-get install -y opendkim-tools;echo;apt-get clean
EXE
| ||
opendkim-testkey -d coverplus.io -vvv -s s1
opendkim-testkey -d coverplus.io -vvv -s s2
|
opendkim-testkey -d loanplus.io -vvv -s s1
opendkim-testkey -d loanplus.io -vvv -s s2
|
opendkim-testkey -d loanstreet.com.my -vvv -s s1
opendkim-testkey -d loanstreet.com.my -vvv -s s2
|
opendkim-testkey -d finology.com.my -vvv -s fn
opendkim-testkey -d finology.com.my -vvv -s google
opendkim-testkey -d finology.com.my -vvv -s ritesh
|
opendkim-testkey -d chorke.org -vvv -s google
opendkim-testkey -d finology.group -vvv -s mail
opendkim-testkey -d finology-group.com -vvv -s google
|
opendkim-genkey -b 2048 -d chorke.org -s s1
opendkim-genkey -b 2048 -d chorke.org -s s2
opendkim-genkey -b 2048 -d chorke.org -s mail
|
DNS » Record » TXT » SPF
|
DNS » Record » TXT » SPF | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
SPF TXT Record Format v=spf1 [mechanism] [qualifier] [modifiers] ...
|
| ||||||||||||||||||||||||||||||||||||||||||||||||||
DNS » Record » TXT » DKIM
|
DNS » Record » TXT » DKIM |
|---|
# Gmail » Google Workspace
# Admin Console » Apps » Google Workspace » Gmail » Authenticate email » Selected domain » chorke.org » Generate New Record » Start Authentication
|
# Twilio SendGrid
# Sender Authentication » Domain Authentication » <id>.chorke.org » DNS Records » Manual Install » Verify
|
Hard Fail SPF
|
Hard Fail SPF | |
|---|---|
---
Type: MX
Host/Name: @
Priority: 0
Value: .
|
|
---
Type: TXT
Host/Name: @
Value: "v=spf1 -all"
|
---
Type: TXT
Host/Name: _dmarc
Value: "v=DMARC1; p=reject; adkim=s; aspf=s; pct=100; rua=mailto:tool.tech@shahed.biz"
|
dig +short TXT _dmarc.shahed.biz
dig +short TXT s1._domainkey.shahed.biz
dig +short TXT s2._domainkey.shahed.biz
opendkim-testkey -d shahed.biz -vvv -s s1
opendkim-testkey -d shahed.biz -vvv -s s2
setsid open https://mxtoolbox.com/SuperTool.aspx?action=dkim%3As1._domainkey.shahed.biz &run=toolpage >/dev/null 2>&1 &
setsid open https://mxtoolbox.com/SuperTool.aspx?action=dkim%3As2._domainkey.shahed.biz &run=toolpage >/dev/null 2>&1 &
| |
dig +short TXT shahed.biz | grep "v=spf1"
(cd /opt/cli/spf-tools;./despf.sh shahed.biz)
setsid open https://mxtoolbox.com/SuperTool.aspx?action=spf%3Ashahed.biz&run=toolpage >/dev/null 2>&1 &
| |
Playground
|
Playground | ||
|---|---|---|
dig MX chorke.org
dig TXT chorke.org
openssl s_client -connect mail.chorke.org:25
|
apt info opendkim-tools
apt search opendkim-tools
sudo apt-get install -y opendkim-tools
|
sudo git clone https://github.com/jsarenik/spf-tools.git \
/opt/cli/spf-tools
cd /opt/cli/spf-tools/
|
dig TXT s1.domainkey.u5967707.wl208.sendgrid.net
dig TXT s2.domainkey.u5967707.wl208.sendgrid.net
|
||