X-Git-Url: https://git.distorted.org.uk/~mdw/zones/blobdiff_plain/11178c6eacc457403b2e114df47dc5de67ff07fb..cacadc0b96cd058d9ffb4f226649bf2c80a1ef26:/distorted.lisp?ds=sidebyside

diff --git a/distorted.lisp b/distorted.lisp
index 8147a62..062d685 100644
--- a/distorted.lisp
+++ b/distorted.lisp
@@ -84,8 +84,17 @@
   ((@ mail blackhole) :mx mail :srv ((:smtp mail)))
   (bugs :mx lists :srv ((:smtp bugs)))
   (lists :mx lists :srv ((:smtp lists)))
+  (_dmarc :dmarc (:v "DMARC1"
+		  :p "quarantine" :sp "quarantine"
+		  :adkim "s" :aspf "s"))
   ((_domainkey _domainkey.mail) :dname stratocaster.dkim)
+  ((stratocaster @ mail) :spf ((:version "spf1")
+			       (:pass :ip stratocaster.dmz)
+			       (:soft :all)))
   ((_domainkey.bugs _domainkey.lists) :dname telecaster.dkim)
+  ((telecaster bugs lists) :spf ((:version "spf1")
+				 (:pass :ip telecaster.dmz)
+				 (:soft :all)))
 
   ;; Anycast services.
   (dns0 :anycast ((any dns0.any) (dmz radius.dmz)
@@ -202,8 +211,7 @@
 
   ;; Virtual hosts.
   (national :abbrev n (linode :abbrev nl) (upn :abbrev ny))
-  (national (linode :addr national.linode)
-	    (upn :addr national.upn))
+  (national (linode :addr national.linode) (upn :addr national.upn))
   (mdwdev (upn :addr mdwdev.upn))
 
   ;; Nicko's servers.
@@ -371,10 +379,10 @@
 
 #+view/outside
 (defzone dhcp.distorted.org.uk
-  :ns ((radius.ns :ip radius.dmz)
-       (precision.ns :ip precision.dmz)
-       (telecaster.ns :ip telecaster.dmz)
-       (national.ns :ip national.linode))
+  :ns ((radius.ns :ip radius)
+       (precision.ns :ip precision)
+       (telecaster.ns :ip telecaster)
+       (national.ns :ip national))
   (gibson :addr gibson.unsafe)
   (crybaby :addr crybaby.unsafe)
   (lespaul :addr lespaul.unsafe)
@@ -397,19 +405,19 @@
 
 #+view/outside
 (defzone stratocaster.dkim.distorted.org.uk
-  :ns ((radius.ns :ip radius.dmz)
-       (precision.ns :ip precision.dmz)
-       (telecaster.ns :ip telecaster.dmz)
-       (national.ns :ip national.linode)
+  :ns ((radius.ns :ip radius)
+       (precision.ns :ip precision)
+       (telecaster.ns :ip telecaster)
+       (national.ns :ip national)
        (mythic-beasts-1.ns :ip mythic-ns1)
        (mythic-beasts-2.ns :ip mythic-ns2)
        (mythic-beasts-3.ns :ip mythic-ns3)))
 #+view/outside
 (defzone telecaster.dkim.distorted.org.uk
-  :ns ((radius.ns :ip radius.dmz)
-       (precision.ns :ip precision.dmz)
-       (telecaster.ns :ip telecaster.dmz)
-       (national.ns :ip national.linode)
+  :ns ((radius.ns :ip radius)
+       (precision.ns :ip precision)
+       (telecaster.ns :ip telecaster)
+       (national.ns :ip national)
        (mythic-beasts-1.ns :ip mythic-ns1)
        (mythic-beasts-2.ns :ip mythic-ns2)
        (mythic-beasts-3.ns :ip mythic-ns3)))