From: Sergey Matveev <stargrave@stargrave.org>
Date: Tue, 7 Mar 2023 10:17:35 +0000 (+0300)
Subject: Null MX (RFC 7505)
X-Git-Url: http://www.git.stargrave.org/?p=zdns.git;a=commitdiff_plain;h=8b6f2d5e5d74736b4545fbcb0537adba08365210

Null MX (RFC 7505)
---

diff --git a/README b/README
index 2bc8414..f23846d 100644
--- a/README
+++ b/README
@@ -23,12 +23,12 @@ with Tcl.
   printing necessary CAA and TLSA records
 * ssh(domain) -- searches for corresponding public key in ssh/
   subdirectory and (if it exists) prints corresponding SSHFP record
-* subdomain(domain, addrs, [y nospf dane:PORT]) -- adds specified domain
+* subdomain(domain, addrs, [y mailable dane:PORT]) -- adds specified domain
   with provided space-separated addresses. It automatically calls dane
   and ssh helpers. Third argument is a list containing three optional
-  elements. Unless "nospf" is specified, it prints "-all" SPF policy. If
-  "y" is specified, it adds "y.domain" address with predefined $Y6
-  address and "-all" SPF policy
+  elements. Unless "mailable" is specified, it prints "-all" SPF policy
+  and sets null MX. If "y" is specified, it adds "y.domain" address with
+  predefined $Y6 address with "-all" SPF policy and null MX
 * pgp(keyid, uid) -- prints _openpgpkey DANE record for given OpenPGP
   key of desired UID. "uid" is optional and useful only if your key have
   got multiple UIDs and you need to add only the single specified one
@@ -89,8 +89,10 @@ It will produce:
     _443._tcp.www TLSA 3 1 1 9b98...7b3a
     www SSHFP 4 2 e72b...c53f
     www TXT "v=spf1 -all"
+    www MX 0 .
     y.www AAAA 21a:af91:8d0e:b05:9645:e4e9:12be:3c39
     y.www TXT "v=spf1 -all"
+    y.www MX 0 .
     openpgpkey A 91.211.5.21
     openpgpkey AAAA 2a03:e2c0:2663:1::1
     openpgpkey CAA 0 issue "ca.cypherpunks.ru"
@@ -98,7 +100,9 @@ It will produce:
     openpgpkey CAA 0 issue "cagost.cypherpunks.ru"
     _443._tcp.openpgpkey TLSA 3 1 1 2075...7c3d
     openpgpkey TXT "v=spf1 -all"
+    openpgpkey MX 0 .
     y.openpgpkey AAAA 21a:af91:8d0e:b05:9645:e4e9:12be:3c39
     y.openpgpkey TXT "v=spf1 -all"
+    y.openpgpkey MX 0 .
     ; NNCP releases <releases@nncpgo.org>
     2019...15ac._openpgpkey TYPE61 \# 655 (...)
diff --git a/rc.tcl b/rc.tcl
index db37fea..2fe3d04 100644
--- a/rc.tcl
+++ b/rc.tcl
@@ -10,6 +10,7 @@ set NS1 uz544mqwggqbf3z4utlhfqn45vpbpq78nc63hpg5u2ut29stkt0pkr.ns7.stargrave.org
 set NS2 uz5nulnd504gp3s7sdmdl5l2gxc762hpw926t90k39ltxp67flbccn.ns5.stargrave.org.
 
 set NoSPF {"v=spf1 -all"}
+set NoMX "MX 0 ."
 set ReSPF {"v=spf1 redirect=_spf.stargrave.org"}
 
 proc zone {serial} {
@@ -97,13 +98,17 @@ proc subdomain {dn addrs {flags {}}} {
     dane $dn $danePort
     ssh $dn
 
-    global NoSPF
-    if {[lsearch $flags nospf] == -1} { puts "$short TXT $NoSPF" }
+    global NoSPF NoMX
+    if {[lsearch $flags mailable] == -1} {
+        puts "$short TXT $NoSPF"
+        puts "$short $NoMX"
+    }
     if {[lsearch $flags y] != -1} {
         global Y6
         set short [shorten y.[fqdn $dn]]
         puts "$short AAAA $Y6"
         puts "$short TXT $NoSPF"
+        puts "$short $NoMX"
         ssh $short
     }
 }