added dmarc policy- relaxed for now but can be made more strict if needed

This commit is contained in:
daragh 2023-10-19 23:51:23 +01:00
parent c7faf7734c
commit dd0e55c9d6

View file

@ -145,7 +145,11 @@ in {
{ {
record = "_dmarc.${cfg.domain}."; record = "_dmarc.${cfg.domain}.";
r_type = "TXT"; r_type = "TXT";
value = ''"v=DMARC1; p=none"''; value = ''"v=DMARC1; p=quarantine; rua=mailto:mailman@skynet.ie; pct=100; adkim=r; aspf=r; sp=none"'';
#sp value which is left out , for different dmarc policy for subdomains
#quarantine = sends to spam, reject = never sent
#pct = percent of emails passed through dmarc, might want to be lower than 100 for testing
#adkim, aspf see https://support.google.com/a/answer/10032169#zippy=%2Cdmarc-record-tag-definitions-and-values
} }
# reverse pointer # reverse pointer