Add /api/domain/{domain}/zonefile.txt (close #331)

[docjyJ]

Allows you to get a DNS zone file.
(close #331)

[CLAassistant]

All committers have signed the CLA.

[williamdes]

Can you add a test or post the output example?

[docjyJ]

Test

docker build -t test-stalwart .
docker run --rm -p 8080:8080 test-stalwart
# Configure domain at http://localhost:8080/manage/directory/domains
# Go in inspecter network and rerun the request http://localhost:8080/api/domain/exemple.org by adding /zonefile.txt at the end

Response

@                  IN MX    10 c0ba54fb141c.

mail               IN CNAME c0ba54fb141c.
202408e._domainkey IN TXT   "v=DKIM1; k=ed25519; h=sha256; p=EHnjL5kd/UdYJKiMMzLAwO1UQyTMzfWxlPPAkyKrS/s="
202408r._domainkey IN TXT   "v=DKIM1; k=rsa; h=sha256; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA92mU29tVC2cagovKxPGw8sZyo2X5wuvh/28A5G1faV1/c3fF8J55SsCv+C7PAejbT8NYCisp1MKkmwdPk9uK23XCgP23673CvMpqwW/akvVgUM9+p/S19FypRStuYeMWUu2MJeye2SaD1oUr6fLqJc34q5RAlz1C3v8u+OnAxSbCjgOSgoeqVTiaOeJ/6hawjopkRUc7dttV7G926ImL3CI2LTRecZGKkT4kOJD9pWI1bJhuEMs4rMhSJeKfsqD9LkyFPFtZfxpnqmsWxWVRydbuE3ORjWj4TO/9BNF2BOj7dDre9mymyHcesl6RIu+AHIpKrWHgu6fT//ZLYD6RMQIDAQAB"
exemple.org        IN TXT   "v=spf1 mx ra=postmaster -all"
_jmap              IN SRV   0 1 443 c0ba54fb141c.
_imaps             IN SRV   0 1 993 c0ba54fb141c.
_imap              IN SRV   0 1 143 c0ba54fb141c.
_pop3s             IN SRV   0 1 995 c0ba54fb141c.
_pop3              IN SRV   0 1 110 c0ba54fb141c.
_submissions       IN SRV   0 1 465 c0ba54fb141c.
_submission        IN SRV   0 1 587 c0ba54fb141c.
autoconfig         IN CNAME c0ba54fb141c.
autodiscover       IN CNAME c0ba54fb141c.
_dmarc             IN TXT   "v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]"
_smtp._tls         IN TXT   "v=TLSRPTv1; rua=mailto:[email protected]"

[docjyJ]

With new fix

@                  IN MX    10 srv01.exemple.org.
mail               IN CNAME srv01.exemple.org.
202408e._domainkey IN TXT   "v=DKIM1; k=ed25519; h=sha256; p=LcKE2ooudUulo1O+rwtcbMhm3ka8WmXWkXQx7sxg2u4="
202408r._domainkey IN TXT   "v=DKIM1; k=rsa; h=sha256; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4mcq6d3cJOQE7WWjCmtVIwVMKYd2WoY66j9/TEuLgGyXI58UUyUJdNzBC48xH2wM5zmNDUicGhsA5FfwyZCqKEIw3PV0PNSsX+lCAWogJgvaE/SsHf51Bwc0TupPPyr9Qi56shziMcReCLvVG3TkfPw2gwQ3CsTvKyVGknyzX+fpz4a/PYcjySE5Lx5Ijyja3RwZc5jOFAlhOi6B0xxJelnd91LYDiq+QcdZjI3xp+ZEDaZWX9lvnw43ROZjGYrTFw2rRmfLsidFiHM9Yig/0CIJ8UwcczXKZrC2bqApdYJEHkUXqVXp/BqgMWCrxkF3hhmdrJGv+pAGGxePO9q8ZQIDAQAB"
srv01              IN TXT   "v=spf1 a ra=postmaster -all"
@                  IN TXT   "v=spf1 mx ra=postmaster -all"
_jmap              IN SRV   0 1 443 srv01.exemple.org.
_imaps             IN SRV   0 1 993 srv01.exemple.org.
_imap              IN SRV   0 1 143 srv01.exemple.org.
_pop3s             IN SRV   0 1 995 srv01.exemple.org.
_pop3              IN SRV   0 1 110 srv01.exemple.org.
_submissions       IN SRV   0 1 465 srv01.exemple.org.
_submission        IN SRV   0 1 587 srv01.exemple.org.
autoconfig         IN CNAME srv01.exemple.org.
autodiscover       IN CNAME srv01.exemple.org.
_dmarc             IN TXT   "v=DMARC1; p=reject; rua=mailto:[email protected]; ruf=mailto:[email protected]"
_smtp._tls         IN TXT   "v=TLSRPTv1; rua=mailto:[email protected]"

[williamdes]

You are maybe missing two of them:

• Thunderbird
• Microsoft Exchange record

See: https://github.com/wdes/mail-autodiscover-autoconfig/blob/main/templates/dns/zone.txt.tera#L12

[docjyJ]

Thanks for your feedback!

This is not currently implemented so probably need to do another PR or open a ticker. See:

mail-server/crates/jmap/src/api/management/domain.rs

Lines 216 to 255 in 08a95ae

	for (protocol, port, is_tls) in self
	.core
	.storage
	.config
	.get_services()
	.await
	.unwrap_or_default()
	{
	match (protocol.as_str(), port) {
	("smtp", port @ 26..=u16::MAX) => {
	records.push(DnsRecord {
	typ: "SRV".to_string(),
	name: format!(
	"_submission{}._tcp.{domain_name}.",
	if is_tls { "s" } else { "" }
	),
	content: format!("0 1 {port} {server_name}."),
	});
	}
	("imap" | "pop3", port @ 1..=u16::MAX) => {
	records.push(DnsRecord {
	typ: "SRV".to_string(),
	name: format!(
	"_{protocol}{}._tcp.{domain_name}.",
	if is_tls { "s" } else { "" }
	),
	content: format!("0 1 {port} {server_name}."),
	});
	}
	("http", _) if is_tls => {
	has_https = true;
	records.push(DnsRecord {
	typ: "SRV".to_string(),
	name: format!("_jmap._tcp.{domain_name}.",),
	content: format!("0 1 {port} {server_name}."),
	});
	}
	_ => (),
	}
	}

[docjyJ]

One last thing that remains to be implemented is the maximum length of TXT strings. See: #331 (comment)

But what do you think of this PR @mdecimus. Do you find the implementation correct? Do you see another way to do it?

[mdecimus]

Thanks for the PR but I don't think this is necessary, there is already a JSON endpoint that returns the DNS records. You could write a utility that queries this endpoint and generates the text file.

[docjyJ]

Thanks for the PR but I don't think this is necessary, there is already a JSON endpoint that returns the DNS records. You could write a utility that queries this endpoint and generates the text file.

Do you think it's worth doing PR on the admin web repo?

[docjyJ]

@mdecimus

I made a PR on the web admin repo. A readonly textearea displays the area in BIND format.

See stalwartlabs/webadmin#19

thank

[mdecimus]

Thanks, merged.