DMARC_BUILDER
DNSControl contains a
DMARC_BUILDER
which can be used to simply create DMARC policies for your domains.This yield the following record:
@ IN TXT "v=DMARC1; p=reject; ruf=mailto:[email protected]"
dnsconfig.js
DMARC_BUILDER({
policy: 'reject',
subdomainPolicy: 'quarantine',
percent: 50,
alignmentSPF: 'r',
alignmentDKIM: 'strict',
rua: [
'mailto:[email protected]',
'https://dmarc.example.com/submit',
],
ruf: [
'mailto:[email protected]',
],
failureOptions: '1',
reportInterval: '1h',
});
dnsconfig.js
DMARC_BUILDER({
label: 'insecure',
policy: 'none',
ruf: [
'mailto:[email protected]',
],
failureOptions: {
SPF: false,
DKIM: true,
},
});
This yields the following records:
@ IN TXT "v=DMARC1; p=reject; sp=quarantine; adkim=s; aspf=r; pct=50; rua=mailto:[email protected],https://dmarc.example.com/submit; ruf=mailto:[email protected]; fo=1; ri=3600"
insecure IN TXT "v=DMARC1; p=none; ruf=mailto:[email protected]; fo=d"
label:
The DNS label for the DMARC record (_dmarc
prefix is added, default:'@'
)version:
The DMARC version to be used (default:DMARC1
)policy:
The DMARC policy (p=
), must be one of'none'
,'quarantine'
,'reject'
subdomainPolicy:
The DMARC policy for subdomains (sp=
), must be one of'none'
,'quarantine'
,'reject'
(optional)alignmentSPF:
'strict'
/'s'
or'relaxed'
/'r'
alignment for SPF (aspf=
, default:'r'
)alignmentDKIM:
'strict'
/'s'
or'relaxed'
/'r'
alignment for DKIM (adkim=
, default:'r'
)percent:
Number between0
and100
, percentage for which policies are applied (pct=
, default:100
)rua:
Array of aggregate report targets (optional)ruf:
Array of failure report targets (optional)failureOptions:
Object or string; Object containing booleansSPF
andDKIM
, string is passed raw (fo=
, default:'0'
)failureFormat:
Format in which failure reports are requested (rf=
, default:'afrf'
)reportInterval:
Interval in which reports are requested (ri=
)ttl:
Input forTTL
method (optional)
- TXT records are automatically split using
AUTOSPLIT
. - URIs in the
rua
andruf
arrays are passed raw. You must percent-encode all commas and exclamation points in the URI itself.
Last modified 19d ago