how to setup SPF and DMARC in bind

chris
Site Admin
Posts: 209
Joined: Mon Jul 21, 2008 9:52 am

how to setup SPF and DMARC in bind

Post by chris »

how to setup SPF and DMARC in bind/named

Configure a DMARC (Domain-based Message Authentication, Reporting, and Conformance) record to indicate that your mail server is protected by SPF (Sender Policy Framework).
These are attempts to counter spam, so it is best to set it for your domain.

In the most basic version you need to add both lines:

Code: Select all

@       IN  TXT    "v=spf1 +ip4:172.0.0.1 -all"
_dmarc  IN  TXT    "v=DMARC1; p=none;"

Where 172.0.0.1 is the IP address of your email server.

Re: how to setup SPF and DMARC in bind

Post by chris »

basic description of SPF.

Code: Select all

;; the TXT record itself can have multiple lines,
;; but in SPF settings, only one TXT record can be set for one domain name

;; [v=spf1] ⇒ it means SPF version

;; [+ip4] ⇒ specify IPv4 addresses
;; [+ip6] ⇒ specify IPv6 addresses

;; [+] ⇒ verify your domain's mail server
;; * [+] is optional
;; * if there is no [+] or [-], the [+] is considered to be omitted

;; [-] ⇒ do not authenticate as a mail server for the domain
;; [~] ⇒ deemed to be potentially fake but delivered anyway

;; if there are multiple mail servers, specify them with a space separator
        IN  TXT    "v=spf1 +ip4:172.16.0.82 +ip4:172.16.0.83 -all"

;; for the case of specifying the host name of the mail server
;; * host name must be specified as a Fully Qualified Domain Name (FQDN)
        IN  TXT    "v=spf1 +a:dlp.srv.world +a:www.srv.world -all"

;; for the case of setting only the specified host in the MX record
        IN  TXT    "v=spf1 +mx -all"

;; for the case of describing the network containing hosts that may send email using the CIDR method
;; * be careful, if you specify too broad a range, the SPF record will be meaningless
        IN  TXT    "v=spf1 +ip4:172.16.0.80/29 -all"

;; for example, if you use a subdomain such as [serverworld@dlp.srv.world] as an email address,
;; set it for the subdomain
dlp     IN  TXT    "v=spf1 +ip4:172.16.0.82 -all"

;; for example, if your domain is only used as a web server and does not send email at all,
;; you can declare this with the following settings
        IN  TXT    "v=spf1 -all"

;; for example, if you want to include the same SPF record as the one set for another domain [server.education],
;; set it like follows
        IN  TXT    "v=spf1 +include:server.education -all"

Re: how to setup SPF and DMARC in bind

Post by chris »

DMARC record options

Code: Select all

;; [v=DMARC1] ⇒ DMARC version

;; [p=***] : action policy when authentication fails
;; - [none] ⇒ do nothing
;; - [quarantine] ⇒ quarantined in junk mail folder
;; - [reject] ⇒ reject email

;; [rua=mailto:***] : the address to which aggregate reports will be sent
;; * if not specified, no aggregate report will be sent
;; * if you specify multiple addresses, separate them with commas (,); each address needs its own mailto: prefix
_dmarc  IN  TXT    "v=DMARC1; p=none; rua=mailto:admin@srv.world,mailto:webmaster@srv.world"

;; [ruf=mailto:***] : the address to which failure reports will be sent
;; * if not specified, no failure report will be sent
;; * if you specify multiple addresses, separate them with commas (,); each address needs its own mailto: prefix
_dmarc  IN  TXT    "v=DMARC1; p=none; ruf=mailto:admin@srv.world,mailto:webmaster@srv.world"

;; [sp=***] : action policy when authentication of subdomain fails
;; * if not specified, the setting of [p=***] will be inherited
;; - [none] ⇒ do nothing
;; - [quarantine] ⇒ quarantined in junk mail folder
;; - [reject] ⇒ reject email
_dmarc  IN  TXT    "v=DMARC1; p=none; sp=reject; rua=mailto:admin@srv.world"

;; [pct=***] : percentage of emails that the policy covers
;; * specify with [1-100]
;; * if not specified, it is set to [pct=100]
_dmarc  IN  TXT    "v=DMARC1; p=none; pct=50; rua=mailto:admin@srv.world"

;; [fo=***] : action options for sending failure reports (when ruf=*** is enabled)
;; - [0] ⇒ both DKIM and SPF authentication fails (default if not specified)
;; - [1] ⇒ either DKIM or SPF authentication failed
;; - [d] ⇒ DKIM authentication failed
;; - [s] ⇒ SPF authentication failed

;; [aspf=***] : SPF authentication alignment mode
;; - [s] ⇒ strict mode : exact domain match
;; - [r] ⇒ relaxed mode : partial domain match (default if not specified)

;; [adkim=***] : DKIM authentication alignment mode
;; - [s] ⇒ strict mode : exact domain match
;; - [r] ⇒ relaxed mode : partial domain match (default if not specified)

;; [rf=afrf] : DMARC authentication failure report format
;; * currently only [rf=afrf] (default if not specified)

;; [ri=***] : aggregate report sending interval (in seconds)
;; * if not specified, the default value is [ri=86400] (24 hours)
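
Added example, not part of the posts above: a small Python check that reads zone-file lines in the style shown in this thread and reports the mistakes the posts warn about (more than one SPF record for a name, an SPF record without a closing `all`, bad DMARC `p`/`sp`/`pct` values, report addresses without `mailto:`). The names `txt_records` and `lint` and the sample zone are constructed for illustration, and it assumes each TXT record is a single quoted string on one line.

```python
import re
from collections import defaultdict

TXT_RE = re.compile(r'\sIN\s+TXT\s+"([^"]*)"')
POLICIES = {"none", "quarantine", "reject"}

def txt_records(zone_text):
    """Yield (owner, value) per TXT line; a blank owner inherits the previous one."""
    owner = "@"
    for line in zone_text.splitlines():
        if not line.strip() or line.lstrip()[0] in ";$":
            continue                      # skip blanks, comments, $TTL/$ORIGIN
        if not line[0].isspace():
            owner = line.split()[0]       # any record type updates the current owner
        m = TXT_RE.search(line)
        if m:
            yield owner, m.group(1)

def lint(zone_text):
    findings, spf_seen = [], defaultdict(int)
    for owner, value in txt_records(zone_text):
        if value.startswith("v=spf1"):
            spf_seen[owner] += 1
            terms = value.split()[1:]
            if not terms or not re.fullmatch(r"[-~?+]?all", terms[-1]):
                findings.append(f"{owner}: SPF does not end with an 'all' mechanism")
        elif value.startswith("v=DMARC1"):
            tags = dict(t.strip().split("=", 1) for t in value.split(";") if "=" in t)
            if tags.get("p") not in POLICIES:
                findings.append(f"{owner}: p= must be none, quarantine or reject")
            if tags.get("sp", "none") not in POLICIES:
                findings.append(f"{owner}: sp= must be none, quarantine or reject")
            pct = tags.get("pct", "100")
            if not (pct.isdigit() and int(pct) <= 100):
                findings.append(f"{owner}: pct={pct} is outside 0-100")
            for key in ("rua", "ruf"):
                for uri in filter(None, tags.get(key, "").split(",")):
                    if not uri.strip().startswith("mailto:"):
                        findings.append(f"{owner}: {key} entry '{uri.strip()}' is not a mailto: URI")
    findings += [f"{o}: {n} SPF records, only one is allowed" for o, n in spf_seen.items() if n > 1]
    return findings

# Constructed sample zone fragment (documentation addresses, not from the posts)
SAMPLE = '''\
@       IN  TXT    "v=spf1 +ip4:192.0.2.10 -all"
        IN  TXT    "v=spf1 +mx ~all"
_dmarc  IN  TXT    "v=DMARC1; p=none; pct=50; rua=mailto:a@example.com,b@example.com"
www     IN  TXT    "v=spf1 +a"
'''
```

Calling `lint(SAMPLE)` returns one finding per problem; an empty list means none of these checks fired.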