SPF Value Management for octoDNS
Project description
SPF Value Management for octoDNS
An octoDNS provider that supports managing SPF values in TXT records.
Installation
Command line
pip install octodns-spf
requirements.txt/setup.py
Pinning specific versions or SHAs is recommended to avoid unplanned upgrades.
Versions
# Start with the latest versions and don't just copy what's here
octodns==0.9.14
octodns-spf==0.0.1
SHAs
# Start with the latest/specific versions and don't just copy what's here
-e git+https://git@github.com/octodns/octodns.git@9da19749e28f68407a1c246dfdf65663cdc1c422#egg=octodns
-e git+https://git@github.com/octodns/octodns-spf.git@ec9661f8b335241ae4746eea467a8509205e6a30#egg=octodns_spf
Configuration
Options & Defaults
providers:
spf-google:
class: octodns_spf.SpfSource
# See https://datatracker.ietf.org/doc/html/rfc7208#section-5 for the
# details of the various mechinisms below. Each is an array of zero or more
# items to be added to the SPF record. Mechinisms are specified in the order
# the parameters are listed below and value order is preserved.
# (default: empty list)
a_records: []
mx_records: []
ip4_addresses: []
ip6_addresses: []
includes: []
exists: []
# The "all" value to be appended onto the SPF value, there's not a clear
# consensus on best practice here, but there does seem to be a slight leaning
# towards hard-failing, "-all". Soft-fail can be enabled by setting this
# value to `true`. If for some reason you donot want to specify a fail mode,
# this can be set to `null` and it will be ommited.
# See https://news.ycombinator.com/item?id=34344590 for some discussion
# (default: false, hard fail)
soft_fail: false
# Wether or not this provider will merge it's configuration with any
# prexisting SPF value in an APEX TXT record. If `false` an error will be
# thrown. If `true` the existing values, wether from a previous SpfSource or
# any other provider, will be preserved and this provider's config will be
# appended onto each mechinism.
merging_enabled: false
ttl: 3600
Read World Example
A base that disables all email applied to all Zones
providers:
spf-base:
class: octodns_spf.SpfSource
A follow on source that will add Google Workspace's recommended config
providers:
spf-mail:
class: octodns_spf.SpfSource
includes:
- _spf.google.com
- _spf.salesforce.com
soft_fail: true
merging_enabled: true
Per https://support.google.com/a/answer/10684623?hl=en and https://help.salesforce.com/s/articleView?id=000382664&type=1
Zones would have one or more of these providers added to their sources list
zones:
...
# main zone that will be generally used for email
github.com.:
sources:
- config
- spf-base
- spf-mail
targets:
...
# ancilary zone, pretty much everything else
githubusercontent.com.:
sources:
- config
- spf-base
targets:
...
...
Support Information
Records
TXT
Development
See the /script/ directory for some tools to help with the development process. They generally follow the Script to rule them all pattern. Most useful is ./script/bootstrap which will create a venv and install both the runtime and development related requirements. It will also hook up a pre-commit hook that covers most of what's run by CI.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for octodns_spf-0.0.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 13da9a7eec444bf65cedff4f0467917b8f2c9bd4b1d5970a7f2d87757c8ef2a2 |
|
| MD5 | af009995a2967898f0ff042877473867 |
|
| BLAKE2b-256 | 9642c36e2356a934c5cf0f7e471c7ce5907932c3452036d4e8bbb1eaeb86e4c3 |
