Update records for email.cacert.org and emailout.cacert.org per e-mal request from Jan Dittberner on 06.08.2019.

Break up very long TXT record for spf1 in two parts to avoid hitting the 255 chars limit.


git-svn-id: http://svn.cacert.org/CAcert/SystemAdministration/ns/var/opendnssec/unsigned@2736 14b1bab8-4ef6-0310-b690-991c95c89dfd

cacert.org

@@ -1,10 +1,10 @@
 ; DNS master zone file for cacert.org, under RCS control
-; @(#)(CAcert) $Id: cacert.org,v 1.124 2019/08/04 07:33:19 root Exp $
+; @(#)(CAcert) $Id: cacert.org,v 1.126 2019/08/06 13:57:34 root Exp $
 
 $TTL	12h	;	default TTL for zone data
 
 @	1h	IN	SOA	ns1.cacert.org. hostmaster.cacert.org. (
-					2019080301	; Serial
+					2019080601	; Serial
 					4h		; refresh time
 					1h		; retry interval
 					7d		; expire time
@@ -17,8 +17,13 @@ $TTL	12h	;	default TTL for zone data
 @		IN	A	213.154.225.245
 @		IN	AAAA	2001:7b8:3:9c::245
 @		IN	MX	10 email.cacert.org.
-; TODO: Remove 'ip4:213.154.225.239' after transition
-@		IN	TXT	"v=spf1 ip4:213.154.225.245 ip4:213.154.225.246 ip4:213.154.225.247 ip6:2001:7b8:3:9c::245 ip6:2001:7b8:3:9c::246 ip6:2001:7b8:3:9c::247 ip4:213.154.225.228 ip4:213.154.225.230 ip4:213.154.225.239 -all"
+; SPF record for allowed outgoing email
+; *.228 is email.cacert.org
+; *.239 is emailout.cacert.org
+; *.245 is cacert.org/www.cacert.org
+; *.246 is secure.cacert.org
+; *.247 is tverify.cacert.org
+@		IN	TXT	"v=spf1 ip4:213.154.225.245 ip4:213.154.225.246 ip4:213.154.225.247 ip6:2001:7b8:3:9c::245 ip6:2001:7b8:3:9c::246 ip6:2001:7b8:3:9c::247" " ip4:213.154.225.228 ip6:2001:7b8:616:162:2::228 ip4:213.154.225.230 ip4:213.154.225.239 ip6:2001:7b8:616:162:2::239 -all"
 
 @		IN	CAA	0 issue "cacert.org"
 @		IN	CAA	0 issuewild "cacert.org"
@@ -100,15 +105,19 @@ crl		IN	A	213.154.225.236
 crl		IN	AAAA	2001:7b8:616:163::104
 
 email		IN	A	213.154.225.228
+email		IN	AAAA	2001:7b8:616:162:2::228
 email		IN	SSHFP	1 1 bf391fd72656a275524d1d25a624c6045b44ae90
-email		IN	SSHFP	2 1 73b0d8acb492a7187016dd3c5fc1519b309a550f
+email		IN	SSHFP	1 2 c8b68f3eb9a83902391b78686b4885a317fac0f74b0490a78b32ecbbee921df1
+email		IN	SSHFP	3 1 5ffbc51c37cdff52db9c488c08b89af9ffee06a0
+email		IN	SSHFP	3 2 a114de78fc26bd0dc6fa2206d7c04519ec875023cf203e446d4bbbbc4e24da19
+email		IN	SSHFP	4 1 18418515e94817f0624bf0a192331addf878ff66
+email		IN	SSHFP	4 2 d4fe3165206ba69baf4643253138561789918688375ed8ab89bcfc4411535221
 community	IN	CNAME	email.cacert.org.
 
 emailout	IN	A	213.154.225.239
+emailout	IN	AAAA	2001:7b8:616:162:2::239
 emailout	IN	SSHFP	1 1 1ba1ab632911e8a68a69521130120695086d858c
 emailout	IN	SSHFP	1 2 6e50d5b2034006b69eb7ba19d3f3fd2c48015bea2bb3d5e2a0f8cf25ff030055
-emailout	IN	SSHFP	2 1 0e8888352604dbd1cc4d201bc1e985d80b9cf752
-emailout	IN	SSHFP	2 2 a7402f014b47b805663c904dabbc9590db7d8d0f350cea6d9f63e12bc27bac0c
 emailout	IN	SSHFP	3 1 527004f2091d2cef2c28b5f8241fc0e76307b2ba
 emailout	IN	SSHFP	3 2 9094dcf8860523a83542ec4cc46fbcfed396f5525bc202cfecf42d1a7044136d
 emailout	IN	SSHFP	4 1 63f40df8536052d33d2d515eceb111ccb7983619

cacert.org.log

@@ -1,16 +1,24 @@
 
 RCS file: /var/opendnssec/unsigned/RCS/cacert.org,v
 Working file: /var/opendnssec/unsigned/cacert.org
-head: 1.124
+head: 1.126
 branch:
 locks: strict
 access list:
 symbolic names:
 keyword substitution: kv
-total revisions: 124;	selected revisions: 124
+total revisions: 126;	selected revisions: 126
 description:
 cacert.org - zone file for cacert.org
 ----------------------------
+revision 1.126
+date: 2019/08/06 13:57:34;  author: root;  state: Exp;  lines: +2 -2
+Break up very long TXT record for spf1 in two parts to avoid hitting the 255 chars limit.
+----------------------------
+revision 1.125
+date: 2019/08/06 13:46:19;  author: root;  state: Exp;  lines: +16 -7
+Update records for email.cacert.org and emailout.cacert.org per e-mal request from Jan Dittberner on 06.08.2019.
+----------------------------
 revision 1.124
 date: 2019/08/04 07:33:19;  author: root;  state: Exp;  lines: +24 -2
 Apply changes for infrastructure systems per e-mail request from Jan Dittberner on 03.08.2019.