// Publish CAA records indicating that only letsencrypt should issue certificates
- CAA("@", "issue", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "issuewild", "letsencrypt.org", CF_TTL_ANY),
- CAA("@", "iodef", "mailto:hostmaster@openstreetmap.org"),
+ CAA_BUILDER({
+ label: "@",
+ iodef: "mailto:hostmaster@openstreetmap.org",
+ issue: [
+ "letsencrypt.org",
+ ],
+ issuewild: [
+ "letsencrypt.org",
+ ],
+ }),
+
+ // Delegate SPF policy to the main domain
+
+ SPF_BUILDER({
+ label: "@",
+ parts: [
+ "v=spf1",
+ "include:openstreetmap.org", // main openstreetmap.org spf record
+ "-all"
+ ]
+ }),
// Main web server and it's aliases
- A("@", "193.60.236.19", TTL("10m")),
- A("old", "193.60.236.19", TTL("10m")),
- A("www", "193.60.236.19", TTL("10m"))
+ A("@", RIDLEY_IPV4),
+ A("old", RIDLEY_IPV4), // Legacy URL support https://blog.openstreetmap.org/2010/02/25/old-opengeodata-posts-now-up-at-old-opengeodata-org/
+ A("www", RIDLEY_IPV4)
-);
+);
\ No newline at end of file