jeansergegagnon / zoneedit_letsencrypt

Scripts to enable automated ssl certificate update dns-01 challenge with Linux, Zoneedit and Letsencrypt

If a TXT SPF record exists in zoneedit, script fails #9

Closed ddt3 closed 3 years ago

ddt3 commented 3 years ago

An example of a valid SPF record: v=spf1 include:spf.migadu.com -all

This results in the following curl command line options: -d TXT::2::host=@ -d TXT::2::txt=v=spf1 include:spf.migadu.com -all -d TXT::2::ttl=

Where both the white space and the "-all" will be causing problems.

This results in a txt record where only the first part "v=spf1" is used which cannot be saved as zoneedit checks SPF records for validity. I would really appreciate it if you could fix this!

jeansergegagnon commented 3 years ago

Yeah, I had the same issue.

Unfortunately, the script can't do anything about that (unless I missed something) as it's a validation that zoneedit does.

I did add a check in the script to abort and not make a broken dns record and output the error that is being sent by Zoneedit.

The workaround is to activate the "ignore spf validation" in the zoneedit options, as the error zoneedit is saying is that an spf record must contain an IP, but the record I had did not and it was given to me by my service provider.

Disabling that check in my zoneedit account solved my problem

ddt3 commented 3 years ago

This is what happens in my case: Before I run the script my spf record looks like this: v=spf1 include:spf.migadu.com -all

After running the script the spf record has changed to: v=spf1, which then indeed does not pass the zoneedit check. Disabling the check does make the script continue, but that is beside the point: my spf record is no longer the same. I am curious about your spf record, because it might not need an IP address, but the script removes everything after the first whitespace from the spf record. v=spf1 is not a correct record, so the zoneedit check actually does make sense.

If I could understand how to make curl understand that this: -d TXT::2::txt=v=spf1 include:spf.migadu.com -all actually should be read as: -d "TXT::2::txt=v=spf1 include:spf.migadu.com -all" it would solve the problem. But somehow I am not able to make that work which could be caused by the fact that I do not really understand the full script that well :-)

I would really like to be able to use your script, I have been looking for something like this for quite some time.
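The word splitting described in the comment above, reproduced as an added example (not part of the thread and not the project's actual commit). `show_args` is a hypothetical stand-in for curl that prints one received argument per line, and the SPF value is the sample from this issue.

```shell
#!/bin/sh
# Added example: why an unquoted option string truncates the SPF value.
# Constructed sample input: the SPF record quoted in this issue.
SPF='v=spf1 include:spf.migadu.com -all'

# Hypothetical stand-in for curl: print each argument on its own line.
show_args() { for a in "$@"; do printf '%s\n' "$a"; done; }

# Broken: options are accumulated in one flat string and expanded
# unquoted, so the shell splits the record at every space.
broken_args() {
    opts="-d TXT::2::host=@ -d TXT::2::txt=$SPF -d TXT::2::ttl="
    # shellcheck disable=SC2086  # splitting is the point of this demo
    show_args $opts
}

# Fixed: each option is appended as its own quoted word, so the
# spaces and the leading "-" of "-all" stay inside one argument.
fixed_args() {
    set --
    set -- "$@" -d "TXT::2::host=@"
    set -- "$@" -d "TXT::2::txt=$SPF"
    set -- "$@" -d "TXT::2::ttl="
    show_args "$@"
}

# Extract the value that would be submitted for the TXT::2::txt field.
txt_field() { "$1" | sed -n 's/^TXT::2::txt=//p'; }

printf 'broken: %s\n' "$(txt_field broken_args)"
printf 'fixed:  %s\n' "$(txt_field fixed_args)"
```

In the broken form `include:spf.migadu.com` and `-all` arrive as separate arguments, which is why only `v=spf1` reaches the TXT field.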

ddt3 commented 3 years ago

I was still hoping for a response on my previous comment. Thank you for your time!

jeansergegagnon commented 3 years ago

Hi, sorry for missing this - after your comment I did implement a fix locally to my copy and wanted to wait until the next cert update to ensure it worked as expected (that's 3 months).

It's a very small change which I will commit and you can let me know if it solves this for you properly.

Thanks

ddt3 commented 3 years ago

Would you be able to share that small fix with me (just tell me which lines to change or better yet: create a branch that I can pull)? In that way the fix gets tested by 2 persons. If that is too much of a hassle: I will wait for the fix to be published :-)

Thanks for your work on this!

jeansergegagnon commented 3 years ago

It was a single line change and I already published it.

You can see it in last commit.


ddt3 commented 3 years ago

Just created a wild card domain and it worked flawlessly, keeping my spf record intact. Thank you Jean!

jeansergegagnon commented 3 years ago

Awesome
