From 54ad9551d10e79c6f75197c37573c6fd2616258b Mon Sep 17 00:00:00 2001
From: link2xt
Date: Thu, 15 Aug 2024 12:07:11 +0000
Subject: [PATCH] Move MX record to its own subdomain
---
 .github/workflows/staging-ipv4.testrun.org-default.zone | 1 +
 .github/workflows/staging.testrun.org-default.zone | 1 +
 CHANGELOG.md | 2 ++
 cmdeploy/src/cmdeploy/__init__.py | 7 ++++++-
 cmdeploy/src/cmdeploy/chatmail.zone.j2 | 3 ++-
 cmdeploy/src/cmdeploy/nginx/mta-sts.txt.j2 | 2 +-
 6 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/staging-ipv4.testrun.org-default.zone b/.github/workflows/staging-ipv4.testrun.org-default.zone
index 5c7df6d8..5a8a804d 100644
--- a/.github/workflows/staging-ipv4.testrun.org-default.zone
+++ b/.github/workflows/staging-ipv4.testrun.org-default.zone
@@ -19,3 +19,4 @@ $TTL 300
 mta-sts.staging-ipv4.testrun.org. CNAME staging-ipv4.testrun.org.
 iroh.staging-ipv4.testrun.org. CNAME staging-ipv4.testrun.org.
 www.staging-ipv4.testrun.org. CNAME staging-ipv4.testrun.org.
+mx.staging-ipv4.testrun.org. CNAME staging-ipv4.testrun.org.
diff --git a/.github/workflows/staging.testrun.org-default.zone b/.github/workflows/staging.testrun.org-default.zone
index 311c95f5..f8c1ed92 100644
--- a/.github/workflows/staging.testrun.org-default.zone
+++ b/.github/workflows/staging.testrun.org-default.zone
@@ -19,4 +19,5 @@ $TTL 300
 mta-sts.staging2.testrun.org. CNAME staging2.testrun.org.
 iroh.staging2.testrun.org. CNAME staging2.testrun.org.
 www.staging2.testrun.org. CNAME staging2.testrun.org.
+mx.staging2.testrun.org. CNAME staging2.testrun.org.
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 097a8ad5..e7a0db29 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -65,6 +65,8 @@
 - fix Dovecot quota_max_mail_size to use max_message_size config value ([#438](https://github.com/deltachat/chatmail/pull/438))
+- Move MX record to its own subdomain
+ ([#403](https://github.com/deltachat/chatmail/pull/403))
 ## 1.4.1 2024-07-31
diff --git a/cmdeploy/src/cmdeploy/__init__.py b/cmdeploy/src/cmdeploy/__init__.py
index df5bbaa2..888edb2e 100644
--- a/cmdeploy/src/cmdeploy/__init__.py
+++ b/cmdeploy/src/cmdeploy/__init__.py
@@ -616,7 +616,12 @@ def deploy_chatmail(config_path: Path, disable_mail: bool) -> None:
 deploy_iroh_relay(config)
 # Deploy acmetool to have TLS certificates.
- tls_domains = [mail_domain, f"mta-sts.{mail_domain}", f"www.{mail_domain}"]
+ tls_domains = [
+ mail_domain,
+ f"mta-sts.{mail_domain}",
+ f"www.{mail_domain}",
+ f"mx.{mail_domain}",
+ ]
 deploy_acmetool(
 domains=tls_domains,
 )
diff --git a/cmdeploy/src/cmdeploy/chatmail.zone.j2 b/cmdeploy/src/cmdeploy/chatmail.zone.j2
index f0ba176f..dc5e872a 100644
--- a/cmdeploy/src/cmdeploy/chatmail.zone.j2
+++ b/cmdeploy/src/cmdeploy/chatmail.zone.j2
@@ -7,10 +7,11 @@
 {% if AAAA %} {{ mail_domain }}. AAAA {{ AAAA }} {% endif %}
-{{ mail_domain }}. MX 10 {{ mail_domain }}.
+{{ mail_domain }}. MX 10 mx.{{ mail_domain }}.
 _mta-sts.{{ mail_domain }}. TXT "v=STSv1; id={{ sts_id }}"
 mta-sts.{{ mail_domain }}. CNAME {{ mail_domain }}.
 www.{{ mail_domain }}. CNAME {{ mail_domain }}.
+mx.{{ mail_domain }}. CNAME {{ mail_domain }}.
 {{ dkim_entry }} ;
diff --git a/cmdeploy/src/cmdeploy/nginx/mta-sts.txt.j2 b/cmdeploy/src/cmdeploy/nginx/mta-sts.txt.j2
index fc60e936..3b5e7b08 100644
--- a/cmdeploy/src/cmdeploy/nginx/mta-sts.txt.j2
+++ b/cmdeploy/src/cmdeploy/nginx/mta-sts.txt.j2
@@ -1,4 +1,4 @@
 version: STSv1
 mode: enforce
-mx: {{ config.domain_name }}
+mx: mx.{{ config.domain_name }}
 max_age: 2419200
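Review bot: The enlarged `tls_domains` list in deploy_chatmail carries no comment tying `f"mx.{mail_domain}"` to the MTA-STS policy, although that coupling is why the entry exists. mta-sts.txt.j2 in this commit publishes `mx: mx.<domain>` under `mode: enforce`, so a certificate that lacks this name would make STS-validating senders refuse delivery. I would add above the list `# mx.<domain> must be on the certificate: the enforce-mode MTA-STS policy names it as the only MX host.` acmetool presumably has to validate every listed name, so an operator upgrading an existing server likely needs the new `mx.` DNS record published before running the deploy; the changelog entry could say so. The function body starts and ends outside the hunk.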
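Review bot: The new MX target `mx.{{ mail_domain }}.` is published as a CNAME, but RFC 2181 section 10.3 requires the name in an MX record to own address records rather than be an alias. Sending MTAs differ in how they treat an aliased MX target, so inbound delivery can become unreliable for some senders. Giving the new name its own address records avoids this: `mx.{{ mail_domain }}. AAAA {{ AAAA }}` inside the existing `{% if AAAA %}` block, plus the matching A record next to the apex A line, which is presumably just above this hunk. The same `mx.… CNAME` line is added to both staging zone files under .github/workflows, which would need the same change.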
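Review bot: Replacing the `mx:` pattern while the policy stays at `mode: enforce` with `max_age: 2419200` leaves a window in which senders still hold the old policy, which allows only the bare domain as MX host. Against that cached policy the new MX target `mx.<domain>` does not match, and a sender refetches only after the `id` in the `_mta-sts` TXT record changes. The hunks do not show how `sts_id` is derived, so please confirm it changes on the deploy that ships this file. A safer rollout keeps both lines, `mx: {{ config.domain_name }}` and `mx: mx.{{ config.domain_name }}`, for one policy lifetime and drops the first afterwards.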