From 01e04cc4a77c8a597674718cd0bf8e9f23d746cb Mon Sep 17 00:00:00 2001
From: Jonas Smedegaard <dr@jones.dk>
Date: Thu, 1 Nov 2007 00:42:44 +0000
Subject: Add SPF TXT hints for all public A RRs. Improve comments. Use CNAME
 for services (they do not need SPF hints).

---
 bind/pri/JONES                | 35 +++++++++++++++++++++++++++----
 bind/pri/JONES-mailonly       | 30 ++++++++++++++++++++++++++-
 bind/pri/JONES-nomail         | 35 +++++++++++++++++++++++++++----
 bind/pri/OFF                  | 30 ++++++++++++++++++++++++++-
 bind/pri/jones.dk             | 48 ++++++++++++++++++++++++++++++++-----------
 bind/pri/xpositionreverse.org | 37 ++++++++++++++++++++++++++++-----
 6 files changed, 188 insertions(+), 27 deletions(-)

(limited to 'bind/pri')

diff --git a/bind/pri/JONES b/bind/pri/JONES
index 896f235..45ed286 100644
--- a/bind/pri/JONES
+++ b/bind/pri/JONES
@@ -1,10 +1,13 @@
 $TTL    3600
 @		SOA	dns.jones.dk.	dr.jones.dk. (
-			2007082301	; serial (2006021901)
+			2007103101	; serial (2006021901)
 			3600		; refresh
 			1800		; retry
 			604800		; expire
 			3600 )		; Negative Cache TTL
+
+; Public zone roots, mailhubs and non-CNAME services (use A)
+		A	80.196.110.134
 		NS	dns.jones.dk.
 		NS	ns.bitbase.dk.
 		NS	ns.superserver.dk.
@@ -15,6 +18,30 @@ $TTL    3600
 		MX 50	mail.idaa.dk.
 		MX 50	mail.haakansson.com.
 		TXT	"v=spf1 mx -all"
-		A	80.196.110.134
-*		A	80.196.110.134
-		TXT	"v=spf1 -all"
+
+; External hosts (use A and TXT-wrapped CNAME or PTR)
+
+; Public local hosts (use A)
+
+; Public wildcards of zone roots, hosts and non-CNAME services (use A and TXT or CNAME)
+*		CNAME	xayide.jones.dk.
+
+; Public CNAME-mapped PTR records
+
+; Public authentication-related (LDAP and Kerberos) records
+
+; External services (use CNAME to local A, or A and TXT-wrapped CNAME, or CNAME if ok with partner)
+
+; Public local services (use CNAME)
+
+; Private zone roots, mailhubs and non-CNAME services (use A)
+
+; Private hosts (use A)
+
+; Private wildcards of zone roots, hosts and non-CNAME services (use CNAME)
+
+; Private CNAME-mapped PTR records
+
+; Private services (use CNAME)
+
+; Private CNAME-mapped PTR records
diff --git a/bind/pri/JONES-mailonly b/bind/pri/JONES-mailonly
index 3a7d975..6be8883 100644
--- a/bind/pri/JONES-mailonly
+++ b/bind/pri/JONES-mailonly
@@ -1,10 +1,12 @@
 $TTL    3600
 @		SOA	dns.jones.dk.	dr.jones.dk. (
-			2007082301	; serial
+			2007103101	; serial
 			3600		; refresh
 			1800		; retry
 			604800		; expire
 			3600 )		; Negative Cache TTL
+
+; Public zone roots, mailhubs and non-CNAME services (use A)
 		NS	dns.jones.dk.
 		NS	ns.bitbase.dk.
 		NS	ns.superserver.dk.
@@ -17,3 +19,29 @@ $TTL    3600
 		TXT	"v=spf1 mx -all"
 mail		A	80.196.110.134
 		TXT	"v=spf1 a -all"
+
+; External hosts (use A and TXT-wrapped CNAME or PTR)
+
+; Public local hosts (use A)
+
+; Public wildcards of zone roots, hosts and non-CNAME services (use A and TXT or CNAME)
+
+; Public CNAME-mapped PTR records
+
+; Public authentication-related (LDAP and Kerberos) records
+
+; External services (use CNAME to local A, or A and TXT-wrapped CNAME, or CNAME if ok with partner)
+
+; Public local services (use CNAME)
+
+; Private zone roots, mailhubs and non-CNAME services (use A)
+
+; Private hosts (use A)
+
+; Private wildcards of zone roots, hosts and non-CNAME services (use CNAME)
+
+; Private CNAME-mapped PTR records
+
+; Private services (use CNAME)
+
+; Private CNAME-mapped PTR records
diff --git a/bind/pri/JONES-nomail b/bind/pri/JONES-nomail
index 0340ff2..506924a 100644
--- a/bind/pri/JONES-nomail
+++ b/bind/pri/JONES-nomail
@@ -1,15 +1,42 @@
 $TTL    3600
 @		SOA	dns.jones.dk.	dr.jones.dk. (
-			2007082301	; serial (2006021901)
+			2007103101	; serial (2006021901)
 			3600		; refresh
 			1800		; retry
 			604800		; expire
 			3600 )		; Negative Cache TTL
+
+; Public zone roots, mailhubs and non-CNAME services (use A)
+		A	80.196.110.134
 		NS	dns.jones.dk.
 		NS	ns.bitbase.dk.
 		NS	ns.superserver.dk.
 		NS	ns.homebase.dk.
-		A	80.196.110.134
-		TXT	"v=spf1 -all"
-*		A	80.196.110.134
 		TXT	"v=spf1 -all"
+
+; External hosts (use A and TXT-wrapped CNAME or PTR)
+
+; Public local hosts (use A)
+
+; Public wildcards of zone roots, hosts and non-CNAME services (use A and TXT or CNAME)
+*		CNAME	xayide.jones.dk.
+
+; Public CNAME-mapped PTR records
+
+; Public authentication-related (LDAP and Kerberos) records
+
+; External services (use CNAME to local A, or A and TXT-wrapped CNAME, or CNAME if ok with partner)
+
+; Public local services (use CNAME)
+
+; Private zone roots, mailhubs and non-CNAME services (use A)
+
+; Private hosts (use A)
+
+; Private wildcards of zone roots, hosts and non-CNAME services (use CNAME)
+
+; Private CNAME-mapped PTR records
+
+; Private services (use CNAME)
+
+; Private CNAME-mapped PTR records
diff --git a/bind/pri/OFF b/bind/pri/OFF
index b1f9168..5c81f35 100644
--- a/bind/pri/OFF
+++ b/bind/pri/OFF
@@ -1,12 +1,40 @@
 $TTL    3600
 @		SOA	dns.jones.dk.	dr.jones.dk. (
-			2006021901	; serial
+			2007103101	; serial
 			3600		; refresh
 			1800		; retry
 			604800		; expire
 			3600 )		; Negative Cache TTL
+
+; Public zone roots, mailhubs and non-CNAME services (use A)
 		NS	dns.jones.dk.
 		NS	ns.bitbase.dk.
 		NS	ns.superserver.dk.
 		NS	ns.homebase.dk.
 		TXT	"v=spf1 -all"
+
+; External hosts (use A and TXT-wrapped CNAME or PTR)
+
+; Public local hosts (use A)
+
+; Public wildcards of zone roots, hosts and non-CNAME services (use A and TXT or CNAME)
+
+; Public CNAME-mapped PTR records
+
+; Public authentication-related (LDAP and Kerberos) records
+
+; External services (use CNAME to local A, or A and TXT-wrapped CNAME, or CNAME if ok with partner)
+
+; Public local services (use CNAME)
+
+; Private zone roots, mailhubs and non-CNAME services (use A)
+
+; Private hosts (use A)
+
+; Private wildcards of zone roots, hosts and non-CNAME services (use CNAME)
+
+; Private CNAME-mapped PTR records
+
+; Private services (use CNAME)
+
+; Private CNAME-mapped PTR records
diff --git a/bind/pri/jones.dk b/bind/pri/jones.dk
index ec33ba9..6f04b56 100644
--- a/bind/pri/jones.dk
+++ b/bind/pri/jones.dk
@@ -1,12 +1,13 @@
 $TTL	3600
 @		SOA	dns.jones.dk.	dr.jones.dk. (
-			2007102801	; Serial
+			2007103101	; Serial
 			3600		; Refresh
 			1800		; Retry
 			604800		; Expire
 			3600 )		; Negative Cache TTL
 
 ; Public zone roots, mailhubs and non-CNAME services (use A)
+		A	80.196.110.134
 		NS	dns.jones.dk.
 		NS	ns.bitbase.dk.
 		NS	ns.superserver.dk.
@@ -16,7 +17,6 @@ $TTL	3600
 		MX 50	mail.dgi-huset.dk.
 		MX 50	mail.idaa.dk.
 		MX 50	mail.haakansson.com.
-		A	80.196.110.134
 		LOC	55 38 N 012 05 E 100m
 		TXT	"v=spf1 mx -all"
 mail		A	80.196.110.134
@@ -24,6 +24,7 @@ mail		A	80.196.110.134
 		TXT	"v=spf1 a -all"
 dns		A	80.196.110.134
 		LOC	55 38 N 012 05 E 100m
+		TXT	"v=spf1 -all"
 lists		A	80.68.88.141
 		MX 10	lists.jones.dk.
 		MX 50	mail.jones.dk.
@@ -33,7 +34,9 @@ lists		A	80.68.88.141
 		MX 50	mail.haakansson.com.
 		TXT	"v=spf1 mx -all"
 tun		NS	hykrion
+		TXT	"v=spf1 -all"
 entrescenen	NS	nufnuf
+		TXT	"v=spf1 -all"
 
 ; External hosts (use A and TXT-wrapped CNAME or PTR)
 ida		A	85.81.138.117
@@ -44,6 +47,7 @@ ida		A	85.81.138.117
 		TXT	"PTR=ida.idaa.dk"
 		TXT	"CNAME=0x55518a75.adsl.cybercity.dk"
 		TXT	"Addr=Aarhus"
+		TXT	"v=spf1 -all"
 tulle		A	80.166.107.122
 		HINFO	"Intel Celeron" "Debian GNU/Linux"
 		TXT	"Owner=Christoffer Haakansson"
@@ -52,7 +56,7 @@ tulle		A	80.166.107.122
 		TXT	"PTR=cpe.atm2-0-54151.0x50a66b7a.arcnxx17.customer.tele.dk"
 		TXT	"CNAME=tulle.haakansson.com"
 		TXT	"Addr=Aarhus"
-; picasso		A	62.243.172.143
+		TXT	"v=spf1 -all"
 picasso		A	87.60.232.172
 		HINFO	"AMD Sempron" "Debian GNU/Linux"
 		TXT	"Owner=Nicolai Wallner"
@@ -61,6 +65,7 @@ picasso		A	87.60.232.172
 		TXT	"PTR=0x3ef3ac8f.bynxx3.adsl-dhcp.tele.dk"
 		TXT	"CNAME=picasso.haakansson.com"
 		TXT	"Addr=Islands Brygge, Copenhagen"
+		TXT	"v=spf1 -all"
 jawa		A	87.57.161.214
 		HINFO	"Intel Pentium IV" "Debian GNU/Linux"
 		TXT	"Owner=Homebase"
@@ -69,6 +74,7 @@ jawa		A	87.57.161.214
 		TXT	"PTR=jawa.homebase.dk"
 		TXT	"CNAME=062121169066.sonofon.dk"
 		TXT	"Addr=Aarhus"
+		TXT	"v=spf1 -all"
 coreander	A	80.68.88.141
 		HINFO	"User Mode Linux" "Debian GNU/Linux"
 		TXT	"Owner=IT-guide dr. Jones"
@@ -76,6 +82,7 @@ coreander	A	80.68.88.141
 		TXT	"Link=100Mbit"
 		TXT	"PTR=coreander.bitbase.dk"
 		TXT	"Addr=London"
+		TXT	"v=spf1 -all"
 coreander-old	A	83.133.64.38
 		HINFO	"VIA EPIA-800 (Ezra)" "Debian GNU/Linux"
 		TXT	"Owner=Bitbase ApS"
@@ -83,6 +90,7 @@ coreander-old	A	83.133.64.38
 		TXT	"Link=100Mbit"
 		TXT	"PTR=coreander.bitbase.dk"
 		TXT	"Addr=Vesterbro, Copenhagen"
+		TXT	"v=spf1 -all"
 cherry		A	195.184.109.89
 		HINFO	"AMD Duron" "Debian GNU/Linux"
 		TXT	"Owner=Lab"
@@ -91,6 +99,7 @@ cherry		A	195.184.109.89
 		TXT	"PTR=cherry.107b.dk"
 ;		TXT	"CNAME=213.237.80.158.adsl.vbr.worldonline.dk"
 ;		TXT	"Addr=Vesterbro, Copenhagen"
+		TXT	"v=spf1 -all"
 satsbutikken	A	80.160.77.114
 		HINFO	"AMD K6" "Debian GNU/Linux"
 		TXT	"Owner=Satsbutikken"
@@ -99,6 +108,7 @@ satsbutikken	A	80.160.77.114
 		TXT	"PTR=debian.satsbutikken.local"
 		TXT	"CNAME=cpe.atm0-0-0-1151139.0x503e670a.bynxx4.customer.tele.dk"
 		TXT	"Addr=Nyhavn, Copenhagen"
+		TXT	"v=spf1 -all"
 pluto		A	80.166.109.186
 		HINFO	"Intel Celeron" "Debian GNU/Linux"
 		TXT	"Owner=DGI-huset"
@@ -106,6 +116,7 @@ pluto		A	80.166.109.186
 		TXT	"Link=ADSL"
 		TXT	"PTR=pluto.dgi-huset.dk"
 		TXT	"Addr=Aarhus"
+		TXT	"v=spf1 -all"
 nero		A	83.88.159.184
 		HINFO	"AMD Duron" "Debian GNU/Linux"
 		TXT	"Owner=DGI-huset"
@@ -114,6 +125,7 @@ nero		A	83.88.159.184
 		TXT	"PTR=nero.dgi-huset.dk"
 		TXT	"CNAME=0x53589fb8.arcnxx20.adsl-dhcp.tele.dk"
 		TXT	"Addr=Aarhus"
+		TXT	"v=spf1 -all"
 tutti		A	83.92.155.37
 		HINFO	"VIA ME6000 (Samuel 2)" "Debian GNU/Linux"
 		TXT	"Owner=Christen Bang-Madsen"
@@ -121,6 +133,7 @@ tutti		A	83.92.155.37
 		TXT	"Link=ADSL"
 		TXT	"PTR=0x535c9b25.hsnxx2.adsl-dhcp.tele.dk"
 		TXT	"Addr=Horsens"
+		TXT	"v=spf1 -all"
 frutti		A	80.62.82.130
 		HINFO	"VIA EPIA-800 (Ezra)" "Debian GNU/Linux"
 		TXT	"Owner=Christen Bang-Madsen"
@@ -128,6 +141,7 @@ frutti		A	80.62.82.130
 		TXT	"Link=ADSL"
 		TXT	"PTR=0x503e5282.hsnxx2.adsl-dhcp.tele.dk"
 		TXT	"Addr=Horsens"
+		TXT	"v=spf1 -all"
 kandinsky	A	195.18.232.142
 		HINFO	"Intel Pentium III" "Debian GNU/Linux"
 		TXT	"Owner=NKS"
@@ -135,6 +149,7 @@ kandinsky	A	195.18.232.142
 		TXT	"Link=??"
 		TXT	"PTR=kandinsky.kaospilot.no"
 		TXT	"Addr=Majorstua, Oslo"
+		TXT	"v=spf1 -all"
 magnatek	A	83.72.192.197
 		HINFO	"Intel Pentium 4" "Debian GNU/Linux"
 		TXT	"Owner=Magnatek"
@@ -142,6 +157,7 @@ magnatek	A	83.72.192.197
 		TXT	"Link=ADSL"
 		TXT	"PTR=83.72.192.197.ip.tele2adsl.dk"
 		TXT	"Addr=Oesterbro, Copenhagen"
+		TXT	"v=spf1 -all"
 nufnuf		A	87.48.106.188
 		HINFO	"Intel Pentium III" "Debian GNU/Linux"
 		TXT	"Owner=Entréscenen"
@@ -149,82 +165,90 @@ nufnuf		A	87.48.106.188
 		TXT	"Link=ADSL"
 		TXT	"PTR=0x57306abc.arcnxx13.adsl-dhcp.tele.dk"
 		TXT	"Addr=Aarhus"
+		TXT	"v=spf1 -all"
 
 ; Public local hosts (use A)
 xayide		A	80.196.110.134
-		LOC	55 38 N 012 05 E 100m
 		HINFO	"VIA EPIA VE5000 (fanless Samuel 2)" "Debian GNU/Linux"
+		LOC	55 38 N 012 05 E 100m
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
 		TXT	"ISP=TDC"
 		TXT	"Link=ADSL"
 		TXT	"CNAME=0x50c46e86.naenxx3.adsl-dhcp.tele.dk"
 		TXT	"Addr=Mogenstrup, Regstrup"
+		TXT	"v=spf1 a -all"
 		TYPE44	\# 22 01 01 ccd62a927603b0b166105c381c8b8e6ad2d9c4fa
 		TYPE44	\# 22 02 01 e4f5fb784e2372e2ee7332506a59eb01066dc6c8
 auryn		HINFO	"Intel Core 2 Duo (macbook)" "Debian GNU/Linux"
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
+		TXT	"v=spf1 a -all"
 auryn_old	HINFO	"PowerPC 7410 (albook)" "Debian GNU/Linux"
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
-;hysbald		A	213.83.190.243
+		TXT	"v=spf1 a -all"
 hysbald		A	80.196.110.134 ; via xayide.jones.dk
-		LOC	55 38 N 012 05 E 100m
 		HINFO	"VIA C3M266 (fanless Nehemiah)" "Debian GNU/Linux"
+		LOC	55 38 N 012 05 E 100m
 		TXT	"Desc=Application server @ MSG"
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
 		TXT	"ISP=TDC"
 		TXT	"Link=ADSL"
 		TXT	"CNAME=0x50c46e86.naenxx3.adsl-dhcp.tele.dk"
 		TXT	"Addr=Mogenstrup, Regstrup"
+		TXT	"v=spf1 a -all"
 		TYPE44	\# 22 01 01 42c039819d2a94fb5379e3bc8fd1a001f316a71e
 		TYPE44	\# 22 02 01 de9694a8c4b0fa8ac7e6d95ea7e7c45b3034ca3f
 ;graograman	A	XXX
-;		LOC	55 38 N 012 05 E 100m
 ;		HINFO	"VIA EPIA ME6000 (fanless Samuel 2)" "Debian GNU/Linux"
+;		LOC	55 38 N 012 05 E 100m
 slamuf		A	80.196.110.134 ; via xayide.jones.dk
-		LOC	55 38 N 012 05 E 100m
 		HINFO	"VIA EPIA VE5000 (fanless Samuel 2)" "Debian GNU/Linux"
+		LOC	55 38 N 012 05 E 100m
 		TXT	"Desc=Backup server @ MSG"
 		TXT	"Owner=IT guide dr. Jones v/ Jonas Smedegaard"
 		TXT	"ISP=TDC"
 		TXT	"Link=ADSL"
 		TXT	"CNAME=0x50c46e86.naenxx3.adsl-dhcp.tele.dk"
 		TXT	"Addr=Mogenstrup, Regstrup"
+		TXT	"v=spf1 a -all"
 cairon		A	80.196.110.134 ; via xayide.jones.dk
-		LOC	55 38 N 012 05 E 100m
 		HINFO	"Linksys NSLU2" "Debian GNU/Linux"
+		LOC	55 38 N 012 05 E 100m
 		TXT	"Desc=Kerberos KDC"
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
 		TXT	"ISP=TDC"
 		TXT	"Link=ADSL"
 		TXT	"CNAME=0x50c46e86.naenxx3.adsl-dhcp.tele.dk"
 		TXT	"Addr=Mogenstrup, Regstrup"
-;hykrion		A	62.121.186.250
+		TXT	"v=spf1 a -all"
 hykrion		A	80.196.110.134 ; via xayide.jones.dk
-		LOC	55 38 N 012 05 E 100m
 		HINFO	"Via EPIA MS10000E (fanless Nehemiah)" "Debian GNU/Linux"
+		LOC	55 38 N 012 05 E 100m
 		TXT	"Desc=Development server @ MSG"
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
 		TXT	"ISP=TDC"
 		TXT	"Link=ADSL"
 		TXT	"CNAME=0x50c46e86.naenxx3.adsl-dhcp.tele.dk"
 		TXT	"Addr=Mogenstrup, Regstrup"
+		TXT	"v=spf1 a -all"
 		TYPE44	\# 22 01 01 90ee0425dad042c75888a1096c1fe7e6b1056f05
 		TYPE44	\# 22 02 01 b448b97ad701842d0f08d44981d212d0fc9022eb
 perilin		A	80.196.110.134 ; via xayide.jones.dk
-		LOC	55 38 N 012 05 E 100m
 		HINFO	"VIA Epia CL6000E (fanless Samuel 2)" "Debian GNU/Linux"
+		LOC	55 38 N 012 05 E 100m
 		TXT	"Desc=Development server @ MSG"
 		TXT	"Owner=IT-guide dr. Jones v/ Jonas Smedegaard"
 		TXT	"ISP=TDC"
 		TXT	"Link=ADSL"
 		TXT	"CNAME=0x50c46e86.naenxx3.adsl-dhcp.tele.dk"
 		TXT	"Addr=Mogenstrup, Regstrup"
+		TXT	"v=spf1 a -all"
 
 ; Public wildcards of zone roots, hosts and non-CNAME services (use A and TXT or CNAME)
 *.mail		CNAME	mail
 *.lists		CNAME	lists
 *.hysbald	CNAME	hysbald
 *.auryn 	A	192.168.0.103
+		TXT	"v=spf1 -all"
 
 ; Public CNAME-mapped PTR records
 ;80.196.110.134	PTR	hykrion
diff --git a/bind/pri/xpositionreverse.org b/bind/pri/xpositionreverse.org
index b65724d..a961cd6 100644
--- a/bind/pri/xpositionreverse.org
+++ b/bind/pri/xpositionreverse.org
@@ -1,22 +1,49 @@
 $TTL    3600
 @		SOA	dns.jones.dk.	dr.jones.dk. (
-			2007062101	; serial (2006021901)
+			2007103101	; serial (2006021901)
 			3600		; refresh
 			1800		; retry
 			604800		; expire
 			3600 )		; Negative Cache TTL
+
+; Public zone roots, mailhubs and non-CNAME services (use A)
+		A	80.68.88.141
 		NS	dns.jones.dk.
 		NS	ns.bitbase.dk.
 		NS	ns.superserver.dk.
 		NS	ns.homebase.dk.
-		A	80.68.88.141
 		TXT	"v=spf1 -all"
+
+; External hosts (use A and TXT-wrapped CNAME or PTR)
 aarhus		A	83.94.204.31
 		TXT	"v=spf1 -all"
 gothenburg	A	83.140.87.74
 		TXT	"v=spf1 -all"
-phone		CNAME	coreander.bitbase.dk.
 afv		A	62.242.105.84
 		TXT	"v=spf1 -all"
-*		A	80.68.88.141
-		TXT	"v=spf1 -all"
+
+; Public local hosts (use A)
+
+; Public wildcards of zone roots, hosts and non-CNAME services (use A and TXT or CNAME)
+*		CNAME	coreander.jones.dk.
+
+; Public CNAME-mapped PTR records
+
+; Public authentication-related (LDAP and Kerberos) records
+
+; External services (use CNAME to local A, or A and TXT-wrapped CNAME, or CNAME if ok with partner)
+phone		CNAME	coreander.bitbase.dk.
+
+; Public local services (use CNAME)
+
+; Private zone roots, mailhubs and non-CNAME services (use A)
+
+; Private hosts (use A)
+
+; Private wildcards of zone roots, hosts and non-CNAME services (use CNAME)
+
+; Private CNAME-mapped PTR records
+
+; Private services (use CNAME)
+
+; Private CNAME-mapped PTR records
-- 
cgit v1.2.3