// Let google handle email
- MX("@", 1, "aspmx.l.google.com.", TTL("1h")),
- MX("@", 5, "alt1.aspmx.l.google.com.", TTL("1h")),
- MX("@", 5, "alt2.aspmx.l.google.com.", TTL("1h")),
- MX("@", 10, "alt3.aspmx.l.google.com.", TTL("1h")),
- MX("@", 10, "alt4.aspmx.l.google.com.", TTL("1h")),
+ MX("@", 1, "aspmx.l.google.com."),
+ MX("@", 5, "alt1.aspmx.l.google.com."),
+ MX("@", 5, "alt2.aspmx.l.google.com."),
+ MX("@", 10, "alt3.aspmx.l.google.com."),
+ MX("@", 10, "alt4.aspmx.l.google.com."),
// Handle mail for the join subdomain ourselves
"include:_spf.google.com", // Google GSuite
"ip4:212.110.172.32", // shenron ipv4
"ip6:2001:41c9:1:400::32", // shenron ipv6
+ "ip4:184.104.226.98", // fafnir ipv4
+ "ip6:2001:470:1:b3b::2", // fafnir ipv6
+ "ip4:193.60.236.0/24", // ucl external
+ "ip4:184.104.179.128/27", // amsterdam external
+ "ip6:2001:470:1:fa1::/64", // amsterdam external
+ "ip4:184.104.226.96/27", // dublin external
+ "ip6:2001:470:1:b3b::/64", // dublin external
+ "-all"
+ ]
+ }),
+
+ SPF_BUILDER({
+ label: "wiki",
+ parts: [
+ "v=spf1",
+ "ip4:184.104.226.98", // fafnir ipv4
+ "ip6:2001:470:1:b3b::2", // fafnir ipv6
+ "ip4:193.60.236.0/24", // ucl external
+ "ip4:184.104.179.128/27", // amsterdam external
+ "ip6:2001:470:1:fa1::/64", // amsterdam external
+ "ip4:184.104.226.96/27", // dublin external
+ "ip6:2001:470:1:b3b::/64", // dublin external
"-all"
]
}),
// Apple Business Manager verification
TXT("@", "apple-domain-verification=ZzBG2msRtUDehTMW"),
+ // Publish DMARC report-only policy
+
+ DMARC_BUILDER({
+ policy: "none",
+ rua: [
+ "mailto:openstreetmap-d@dmarc.report-uri.com"
+ ],
+ failureOptions: 1
+ }),
+
// DKIM keys
TXT("google._domainkey", "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJmTBAkYRCocCCNtVsdRNMlQel8kNfjPYJpjEm7woEgZh9yZeDzxImtz+u73oUF4+7bXzrNYbP946WNQIwAba1J69he8L1qfPBJLd3Z/fgmuaGdWcxpDno2EY4cQ8PrzvI6Vfm+6YAFANl8w09CIg41ykdlzH4iUJXD35k3SIl3wIDAQAB"),
// Main web server and it's aliases
- A("@", RIDLEY_IPV4, TTL("10m")),
- A("www", RIDLEY_IPV4, TTL("10m")),
- A("wiki", RIDLEY_IPV4, TTL("10m")),
- A("blog", RIDLEY_IPV4, TTL("10m")),
- A("crm", RIDLEY_IPV4, TTL("10m")),
- A("join", RIDLEY_IPV4, TTL("10m")),
- A("board", RIDLEY_IPV4, TTL("10m")),
- A("dwg", RIDLEY_IPV4, TTL("10m")),
- A("mwg", RIDLEY_IPV4, TTL("10m")),
- A("operations", RIDLEY_IPV4, TTL("10m")),
+ A("@", RIDLEY_IPV4),
+ A("www", RIDLEY_IPV4),
+ A("wiki", RIDLEY_IPV4),
+ A("blog", RIDLEY_IPV4),
+ A("crm", RIDLEY_IPV4),
+ A("join", RIDLEY_IPV4),
+ A("board", RIDLEY_IPV4),
+ A("dwg", RIDLEY_IPV4),
+ A("mwg", RIDLEY_IPV4),
+ A("operations", NAGA_IPV4),
+ AAAA("operations", NAGA_IPV6),
+
+ // Temporary join development staging server
+ A("join-staging", DRIBBLE_IPV4),
+ AAAA("join-staging", DRIBBLE_IPV6),
// Nextcloud instance
- CNAME("files", "nextcloud-openstreetmapfoundation.cloud68.systems.")
+ CNAME("files", "nextcloud-openstreetmapfoundation.cloud68.systems."),
+
+ A("hardware", IDRIS_IPV4)
);