On Jun 27, 2022, at 11:34 AM, Stephane Bortzmeyer <bortzme...@nic.fr<mailto:bortzme...@nic.fr>> wrote:
Also, I do not understand the writing of "hundreds of lines of code". The code to load DMARC records is in BIND for a very long time since they are just TXT records. @ IN TXT v=DMARC1; p=reject; rua=mailto:dmarc_rep...@mail.netassoc.net; ruf=mailto:demarc_foren...@mail.netassoc.net; fo=1; Quotes, may be? Yes this part needs to be in quotes"v=DMARC1; p=reject; rua=mailto:dmarc_rep...@mail.netassoc.net ruf=mailto:demarc_foren...@mail.netassoc.net; fo=1;" Also, DMARC records need to be at _dmarc under the apex, not at the apex. I found this to be a very helpful guide to setting up DMARC in bind. it has examples: https://www.sonicwall.com/support/knowledge-base/what-is-a-dmarc-record-and-how-do-i-create-it-on-dns-server/170504796167071/ here is a good site with tools to check DMARC, DKIM and SPF records. https://www.dmarcanalyzer.com/dmarc/ I think cname "_dmarc.netassoc.net<http://dmarc.netassoc.net>. IN CNAME netassoc.net<http://netassoc.net>.” is not needed. The _dmarc.netassoc.net<http://dmarc.netassoc.net> entry identifies netassoc.net<http://netaccoc.net> as the domain the dmarc record is for. At least I do not have that CNAME set for my domain and DMARC passes all the tests. -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
