DNS messed up - instant update records

#1 Tue, 11/11/2014 - 04:02
specktator

Hi,

For a number of -Murphy- reasons I need to update all my slave servers instantly! My actual point is to update all the SPF records. I tried to remove my two slave DNS and re-add them. The first slave -if we exclude one domain- updated the SPF records, the second still tries to piss me off!

Is there a way to do it with a hack?

For future cases: is there a way to update all the slaves and all zones instantly?

EDIT: I've read this post (http://www.virtualmin.com/node/15662#comment-68657) but as far as I understand I need to sed all these files to achieve it, and that's something I wish I can avoid (if I can) :S

Thanks in advance,

speck

Tue, 11/11/2014 - 17:12
Joe

Instantly, probably not. But, one could use the API to disable and then enable SPF records in a loop, assuming you have your slave DNS servers set up correctly with Webmin and the Cluster Slave DNS option.

I believe something like this would do it:

# virtualmin modify-dns --all-domains --no-spf
# virtualmin modify-dns --all-domains --spf

Also, make sure you have backups before making major/bulk changes to your system! That's useful in all sorts of situations, so if you don't have regular backups happening, I recommend you start doing that now, before even running these commands (though I believe these commands are safe).

Hope this helps!


Tue, 11/11/2014 - 17:14
Joe

Oh, wait, are you saying you now don't have the Allow transfers option set for all these domains for these slave servers? That'd be a very different issue. I'm not sure how one could fix that easily/quickly without sed. Webmin has some bulk record update options, but not for transfers, I don't think.


Tue, 11/11/2014 - 23:24 (Reply to #3)
specktator

Hi!

No, I have the allow transfers option. The issue has been resolved. The problem was that /var/lib/bind/*hosts and /etc/bind/rndc.key had wrong permissions (don't know why).

I solved it by forcing the owner of zone files to bind:bind at Webmin->Servers->Bind->Module Config and set chown bind:bind /var/lib/bind/* && chmod 640 /etc/bind/rndc.key && chown bind:bind /etc/bind/rndc.key

Thanks anyway!

EDIT: that SPF "toggle" is really helpful in my situation.

For the history... the first problem I had to deal with was a Yahoo & Hotmail ban because of a compromised website. I've tried to relay the emails from another server (via transport maps) with really polite settings for Yahoo and Hotmail, but I didn't double check the propagation of the SPF record (to see that my DNS didn't work as usual -because of the above) and guess what? Got banned again. :SSSSSSSSS
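
An added example, not part of the original thread: a shell audit for the ownership and mode problem described in the last post, using the paths and the bind:bind owner named there. It assumes GNU stat; the function names and the 644 ceiling for zone files are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit owner/group/mode of the BIND files named in the thread.
# Assumes GNU stat (the post's paths match a Debian/Ubuntu layout).

# check_file PATH OWNER:GROUP MAX_MODE
# Returns 0 if PATH is owned by OWNER:GROUP and sets no permission bit
# outside MAX_MODE (octal). Prints a finding and returns 1 otherwise.
check_file() {
    path=$1 want_owner=$2 max_mode=$3
    [ -e "$path" ] || { echo "MISSING $path"; return 1; }
    owner=$(stat -c '%U:%G' "$path")
    mode=$(stat -c '%a' "$path")
    rc=0
    if [ "$owner" != "$want_owner" ]; then
        echo "OWNER   $path is $owner, expected $want_owner"
        rc=1
    fi
    # Bits present in mode but absent from max_mode make the file too open.
    if [ $(( 0$mode & ~0$max_mode & 07777 )) -ne 0 ]; then
        echo "MODE    $path is $mode, expected at most $max_mode"
        rc=1
    fi
    return $rc
}

# audit_bind KEYFILE ZONEDIR OWNER:GROUP
# Checks the rndc key (at most 640, as set in the post) and every regular
# file in ZONEDIR (at most 644, an assumption of this example).
audit_bind() {
    key=$1 zonedir=$2 want=$3 failed=0
    check_file "$key" "$want" 640 || failed=1
    for f in "$zonedir"/*; do
        [ -f "$f" ] || continue
        check_file "$f" "$want" 644 || failed=1
    done
    return $failed
}

# Typical call with the paths from the post:
#   sh audit.sh /etc/bind/rndc.key /var/lib/bind bind:bind
if [ "$#" -eq 3 ]; then
    audit_bind "$@"
fi
```

Run it from cron or after a restore so that a silent ownership change shows up before a zone update fails to reach the slaves.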
