From b52364a87384d286ecd262af52b498f85275df42 Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 13:10:39 +0100
Subject: [PATCH 1/7] DKIM and dmarc hardcoded
---
 scripts/jobs/cron_tasks.inc.dns.10.bind.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
index 06fbc9c8..90a2b4cd 100644
--- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php
+++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
@@ -137,7 +137,18 @@ class bind extends DnsBase
 // close allow-transfer
 $bindconf_file .= ' };' . "\n";
 }
-
+ $bindconf_file .= '
+_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:nyvpxtul@ag.dmarcian-eu.com; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400;"
+mx._domainkey IN TXT ("v=DKIM1; k=rsa;"
+"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk6+Y5RkqqGeTxWmULWE"
+"6Z+6SA9M/ccJW9cVhjKLbrGOc3/i0lTvIY1KqNGxvcqZEFyVJJsXL6dnWIcmYY01"
+"GIeVL0nAxjLenW3NKFn+bpTmIiHYEegti4R5Il5NRm8o9g41pYqf3yVfqHKr8zNj"
+"LnnxBySTX2HpBgTtIZmK13IIbdeeE02aJi5g9AjxpkDak6iv8/kIOVaIgvFKSrSJ"
+"E6XZs2ap+RxYLxhDegIwevEFIUUqKYKxwFBx1ELRbvRkxZknH3PdWE9IJqGRxi02"
+"gvGhqjXP3JykumRBC47OHeufAeNsx5xy6tsetTq1rOPvMOCeBq1hQWKNUowTMP+/"
+"CQIDAQAB"
+)
+';
 $bindconf_file .= '};' . "\n";
 $bindconf_file .= "\n";
From 480afb0ccdf60ed44603bb5acfe4d42269a66a9e Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 13:20:33 +0100
Subject: [PATCH 2/7] what a bullshit
---
 scripts/jobs/cron_tasks.inc.dns.10.bind.php | 12 ------------
 1 file changed, 12 deletions(-)
diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
index 90a2b4cd..c2416599 100644
--- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php
+++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
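Review bot: The text appended to `$bindconf_file` in the 1/7 hunk is zone-file syntax (`_dmarc IN TXT …`, `mx._domainkey IN TXT (…)`), but it is placed just before the `'};'` that closes the zone statement, so it ends up in the generated named configuration rather than in a zone file. Resource records are not valid inside a `zone { … }` clause, so named would presumably reject the generated file on the next reload. Patch 2/7 backs the hunk out again; squashing the two would keep the broken state out of the history. The enclosing method starts and ends outside the hunk.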
@@ -137,18 +137,6 @@ class bind extends DnsBase
 // close allow-transfer
 $bindconf_file .= ' };' . "\n";
 }
- $bindconf_file .= '
-_dmarc IN TXT "v=DMARC1; p=reject; rua=mailto:nyvpxtul@ag.dmarcian-eu.com; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400;"
-mx._domainkey IN TXT ("v=DKIM1; k=rsa;"
-"p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk6+Y5RkqqGeTxWmULWE"
-"6Z+6SA9M/ccJW9cVhjKLbrGOc3/i0lTvIY1KqNGxvcqZEFyVJJsXL6dnWIcmYY01"
-"GIeVL0nAxjLenW3NKFn+bpTmIiHYEegti4R5Il5NRm8o9g41pYqf3yVfqHKr8zNj"
-"LnnxBySTX2HpBgTtIZmK13IIbdeeE02aJi5g9AjxpkDak6iv8/kIOVaIgvFKSrSJ"
-"E6XZs2ap+RxYLxhDegIwevEFIUUqKYKxwFBx1ELRbvRkxZknH3PdWE9IJqGRxi02"
-"gvGhqjXP3JykumRBC47OHeufAeNsx5xy6tsetTq1rOPvMOCeBq1hQWKNUowTMP+/"
-"CQIDAQAB"
-)
-';
 $bindconf_file .= '};' . "\n";
 $bindconf_file .= "\n";
From 8686b54fb853e5f842d2604026d24c323e076071 Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 13:29:15 +0100
Subject: [PATCH 3/7] DKIM and dmarc hardcoded
---
 lib/functions/dns/function.createDomainZone.php | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/lib/functions/dns/function.createDomainZone.php b/lib/functions/dns/function.createDomainZone.php
index b99f193a..8cc19167 100644
--- a/lib/functions/dns/function.createDomainZone.php
+++ b/lib/functions/dns/function.createDomainZone.php
@@ -232,7 +232,19 @@ function createDomainZone($domain_id, $froxlorhostname = false, $isMainButSubTo
 if (Settings::Get('dkim.use_dkim') == '1') {
 $dkim_entries = generateDkimEntries($domain);
 }
+ #DKIM AND DMARC
+ $zonerecords[] = new DnsEntry('mx._domainkey', 'TXT', '("v=DKIM1; k=rsa;"
+ "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk6+Y5RkqqGeTxWmULWE"
+ "6Z+6SA9M/ccJW9cVhjKLbrGOc3/i0lTvIY1KqNGxvcqZEFyVJJsXL6dnWIcmYY01"
+ "GIeVL0nAxjLenW3NKFn+bpTmIiHYEegti4R5Il5NRm8o9g41pYqf3yVfqHKr8zNj"
+ "LnnxBySTX2HpBgTtIZmK13IIbdeeE02aJi5g9AjxpkDak6iv8/kIOVaIgvFKSrSJ"
+ "E6XZs2ap+RxYLxhDegIwevEFIUUqKYKxwFBx1ELRbvRkxZknH3PdWE9IJqGRxi02"
+ "gvGhqjXP3JykumRBC47OHeufAeNsx5xy6tsetTq1rOPvMOCeBq1hQWKNUowTMP+/"
+ "CQIDAQAB"
+ )');
+ $zonerecords[] = new DnsEntry('_dmarc', 'TXT', encloseTXTContent('v=DMARC1; p=reject; rua=mailto:nyvpxtul@ag.dmarcian-eu.com; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400;'));
+
 foreach ($required_entries as $type => $records) {
 if ($type == 'TXT') {
 foreach ($records as $record) {
From 3167df99477823d6e54aa58d2828a9d2fdc379ad Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 13:31:26 +0100
Subject: [PATCH 4/7] DKIM and dmarc hardcoded
---
 .../dns/function.createDomainZone.php | 69 ++++++++++---------
 1 file changed, 35 insertions(+), 34 deletions(-)
diff --git a/lib/functions/dns/function.createDomainZone.php b/lib/functions/dns/function.createDomainZone.php
index 8cc19167..7bff185e 100644
--- a/lib/functions/dns/function.createDomainZone.php
+++ b/lib/functions/dns/function.createDomainZone.php
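Review bot: The two `DnsEntry` lines added in the 3/7 hunk publish a literal DKIM public key under the fixed selector `mx` and a literal DMARC policy in every zone this function builds, so all hosted domains share one signing key and all send aggregate reports to the same external `rua` mailbox. A single shared key means that a compromise or a routine rotation affects every domain at once and requires a code change and redeploy; the values should come from configuration, for example `$zonerecords[] = new DnsEntry('_dmarc', 'TXT', encloseTXTContent(Settings::Get('<dmarc-setting-key>')));` with a setting key of the project's choosing. The DKIM value is also passed to `DnsEntry` raw while the `_dmarc` line goes through `encloseTXTContent()`, which is inconsistent with how `$dkim_entries[0]` is handled further down. A `rua` address outside the publishing domain normally also needs the report receiver to authorise each domain, which this change cannot guarantee for customer zones. The function body starts and continues outside the hunk.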
@@ -232,53 +232,54 @@ function createDomainZone($domain_id, $froxlorhostname = false, $isMainButSubTo
 if (Settings::Get('dkim.use_dkim') == '1') {
 $dkim_entries = generateDkimEntries($domain);
 }
- #DKIM AND DMARC
- $zonerecords[] = new DnsEntry('mx._domainkey', 'TXT', '("v=DKIM1; k=rsa;"
- "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk6+Y5RkqqGeTxWmULWE"
- "6Z+6SA9M/ccJW9cVhjKLbrGOc3/i0lTvIY1KqNGxvcqZEFyVJJsXL6dnWIcmYY01"
- "GIeVL0nAxjLenW3NKFn+bpTmIiHYEegti4R5Il5NRm8o9g41pYqf3yVfqHKr8zNj"
- "LnnxBySTX2HpBgTtIZmK13IIbdeeE02aJi5g9AjxpkDak6iv8/kIOVaIgvFKSrSJ"
- "E6XZs2ap+RxYLxhDegIwevEFIUUqKYKxwFBx1ELRbvRkxZknH3PdWE9IJqGRxi02"
- "gvGhqjXP3JykumRBC47OHeufAeNsx5xy6tsetTq1rOPvMOCeBq1hQWKNUowTMP+/"
- "CQIDAQAB"
+ if ($domain['isemaildomain'] === '1') {
+ #DKIM AND DMARC
+ $zonerecords[] = new DnsEntry('mx._domainkey', 'TXT', '("v=DKIM1; k=rsa;"
+ "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk6+Y5RkqqGeTxWmULWE"
+ "6Z+6SA9M/ccJW9cVhjKLbrGOc3/i0lTvIY1KqNGxvcqZEFyVJJsXL6dnWIcmYY01"
+ "GIeVL0nAxjLenW3NKFn+bpTmIiHYEegti4R5Il5NRm8o9g41pYqf3yVfqHKr8zNj"
+ "LnnxBySTX2HpBgTtIZmK13IIbdeeE02aJi5g9AjxpkDak6iv8/kIOVaIgvFKSrSJ"
+ "E6XZs2ap+RxYLxhDegIwevEFIUUqKYKxwFBx1ELRbvRkxZknH3PdWE9IJqGRxi02"
+ "gvGhqjXP3JykumRBC47OHeufAeNsx5xy6tsetTq1rOPvMOCeBq1hQWKNUowTMP+/"
+ "CQIDAQAB"
 )');
- $zonerecords[] = new DnsEntry('_dmarc', 'TXT', encloseTXTContent('v=DMARC1; p=reject; rua=mailto:nyvpxtul@ag.dmarcian-eu.com; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400;'));
-
+ $zonerecords[] = new DnsEntry('_dmarc', 'TXT', encloseTXTContent('v=DMARC1; p=reject; rua=mailto:nyvpxtul@ag.dmarcian-eu.com; fo=1; adkim=r; aspf=r; pct=100; rf=afrf; ri=86400;'));
+ }
 foreach ($required_entries as $type => $records) {
- if ($type == 'TXT') {
- foreach ($records as $record) {
- if ($record == '@SPF@') {
- $txt_content = Settings::Get('spf.spf_entry');
- $zonerecords[] = new DnsEntry('@', 'TXT', encloseTXTContent($txt_content));
- } elseif ($record == 'dkim_' . $domain['dkim_id'] . '._domainkey' && ! empty($dkim_entries)) {
- // check for multiline entry
- $multiline = false;
- if (substr($dkim_entries[0], 0, 1) == '(') {
- $multiline = true;
- }
- $zonerecords[] = new DnsEntry($record, 'TXT', encloseTXTContent($dkim_entries[0], $multiline));
- } elseif ($record == '_adsp._domainkey' && ! empty($dkim_entries) && isset($dkim_entries[1])) {
- $zonerecords[] = new DnsEntry($record, 'TXT', encloseTXTContent($dkim_entries[1]));
- }
+ if ($type == 'TXT') {
+ foreach ($records as $record) {
+ if ($record == '@SPF@') {
+ $txt_content = Settings::Get('spf.spf_entry');
+ $zonerecords[] = new DnsEntry('@', 'TXT', encloseTXTContent($txt_content));
+ } elseif ($record == 'dkim_' . $domain['dkim_id'] . '._domainkey' && ! empty($dkim_entries)) {
+ // check for multiline entry
+ $multiline = false;
+ if (substr($dkim_entries[0], 0, 1) == '(') {
+ $multiline = true;
 }
+ $zonerecords[] = new DnsEntry($record, 'TXT', encloseTXTContent($dkim_entries[0], $multiline));
+ } elseif ($record == '_adsp._domainkey' && ! empty($dkim_entries) && isset($dkim_entries[1])) {
+ $zonerecords[] = new DnsEntry($record, 'TXT', encloseTXTContent($dkim_entries[1]));
+ }
 }
+ }
 }
 }
 }
 if (empty($primary_ns)) {
- // TODO log error: no NS given, use system-hostname
- $primary_ns = Settings::Get('system.hostname');
+ // TODO log error: no NS given, use system-hostname
+ $primary_ns = Settings::Get('system.hostname');
 }
 if (! $isMainButSubTo) {
- $date = date('Ymd');
- $domain['bindserial'] = (preg_match('/^' . $date . '/', $domain['bindserial']) ?
- $domain['bindserial'] + 1 :
- $date . '00');
- if (!$froxlorhostname) {
- $upd_stmt = Database::prepare("
+ $date = date('Ymd');
+ $domain['bindserial'] = (preg_match('/^' . $date . '/', $domain['bindserial']) ?
+ $domain['bindserial'] + 1 :
+ $date . '00');
+ if (!$froxlorhostname) {
+ $upd_stmt = Database::prepare("
 UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
 `bindserial` = :serial
 WHERE `id` = :id
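Review bot: The new `isemaildomain` guard in the 4/7 hunk sits beside the `dkim.use_dkim` check rather than inside it, so an email domain gets the hardcoded `mx._domainkey` record and a `p=reject` DMARC policy even when DKIM is switched off in the panel, and in addition to the generated `dkim_<id>._domainkey` record when it is on. If mail for such a domain is not actually signed with the `mx` selector and SPF does not align either, receivers that honour the policy are told to reject it; gating both records on the same setting that controls signing would avoid publishing a policy the mail flow cannot meet. The hunk also re-indents roughly twenty unrelated lines (the `foreach`, the `$primary_ns` fallback, the `bindserial` update), which hides the one functional change; that whitespace belongs in its own commit. `createDomainZone` starts before and continues after the hunk.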
From bc550e086ff6c56f93476b4baf6fb63bf2bad8bc Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 15:31:40 +0100
Subject: [PATCH 5/7] DKIM and dmarc hardcoded
---
 lib/functions/dns/function.createDomainZone.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/functions/dns/function.createDomainZone.php b/lib/functions/dns/function.createDomainZone.php
index 7bff185e..9d94f207 100644
--- a/lib/functions/dns/function.createDomainZone.php
+++ b/lib/functions/dns/function.createDomainZone.php
@@ -232,7 +232,7 @@ function createDomainZone($domain_id, $froxlorhostname = false, $isMainButSubTo
 if (Settings::Get('dkim.use_dkim') == '1') {
 $dkim_entries = generateDkimEntries($domain);
 }
- if ($domain['isemaildomain'] === '1') {
+ if ($domain['isemaildomain'] == '1') {
 #DKIM AND DMARC
 $zonerecords[] = new DnsEntry('mx._domainkey', 'TXT', '("v=DKIM1; k=rsa;"
 "p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyk6+Y5RkqqGeTxWmULWE"
From 924731d54d62edf1aebae0c7ac5e378e02c0bcc5 Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 15:49:06 +0100
Subject: [PATCH 6/7] disabled AXFR settings
---
 scripts/jobs/cron_tasks.inc.dns.10.bind.php | 50 ++++++++++-----------
 1 file changed, 25 insertions(+), 25 deletions(-)
diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
index c2416599..26401fee 100644
--- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php
+++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
@@ -114,31 +114,31 @@ class bind extends DnsBase
 $bindconf_file .= ' type master;' . "\n";
 $bindconf_file .= ' file "' . makeCorrectFile(Settings::Get('system.bindconf_directory') . '/' . $domain['zonefile']) . '";' . "\n";
 $bindconf_file .= ' allow-query { any; };' . "\n";
-
- if (count($this->_ns) > 0 || count($this->_axfr) > 0) {
- // open allow-transfer
- $bindconf_file .= ' allow-transfer {' . "\n";
- // put nameservers in allow-transfer
- if (count($this->_ns) > 0) {
- foreach ($this->_ns as $ns) {
- foreach ($ns["ips"] as $ip) {
- $bindconf_file .= ' ' . $ip . ";\n";
- }
- }
- }
- // AXFR server #100
- if (count($this->_axfr) > 0) {
- foreach ($this->_axfr as $axfrserver) {
- if (validate_ip($axfrserver, true) !== false) {
- $bindconf_file .= ' ' . $axfrserver . ';' . "\n";
- }
- }
- }
- // close allow-transfer
- $bindconf_file .= ' };' . "\n";
- }
- $bindconf_file .= '};' . "\n";
- $bindconf_file .= "\n";
+ # 2016-12-15 disabled now
+ #if (count($this->_ns) > 0 || count($this->_axfr) > 0) {
+ # // open allow-transfer
+ # $bindconf_file .= ' allow-transfer {' . "\n";
+ # // put nameservers in allow-transfer
+ # if (count($this->_ns) > 0) {
+ # foreach ($this->_ns as $ns) {
+ # foreach ($ns["ips"] as $ip) {
+ # $bindconf_file .= ' ' . $ip . ";\n";
+ # }
+ # }
+ # }
+ # // AXFR server #100
+ # if (count($this->_axfr) > 0) {
+ # foreach ($this->_axfr as $axfrserver) {
+ # if (validate_ip($axfrserver, true) !== false) {
+ # $bindconf_file .= ' ' . $axfrserver . ';' . "\n";
+ # }
+ # }
+ # }
+ # // close allow-transfer
+ # $bindconf_file .= ' };' . "\n";
+ #}
+ #$bindconf_file .= '};' . "\n";
+ #$bindconf_file .= "\n";
 return $bindconf_file;
 }
From 46bf7005e6e9a9f8404850ac56ebc884617d961c Mon Sep 17 00:00:00 2001
From: Udo Waechter
Date: Thu, 15 Dec 2016 15:51:21 +0100
Subject: [PATCH 7/7] disabled AXFR settings
---
 scripts/jobs/cron_tasks.inc.dns.10.bind.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
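Review bot: Commenting out the `allow-transfer` block in the 6/7 hunk does not switch zone transfers off; it only removes the per-zone restriction, after which named falls back to whatever `allow-transfer` is set in its global options or, if none is set there, to the built-in default, which in older BIND 9 releases permits transfers to any host. If the intent is to disable AXFR for these zones, the generated zone statement should say so explicitly, e.g. `$bindconf_file .= '	allow-transfer { none; };' . "\n";` after the `allow-query` line. The hunk also comments out the `'};'` that closes the zone statement, which leaves the generated configuration unterminated until 7/7 restores it. The disabled block would be better deleted or put behind a setting than left as two dozen lines of commented-out code; the method begins outside the hunk.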
diff --git a/scripts/jobs/cron_tasks.inc.dns.10.bind.php b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
index 26401fee..504b733f 100644
--- a/scripts/jobs/cron_tasks.inc.dns.10.bind.php
+++ b/scripts/jobs/cron_tasks.inc.dns.10.bind.php
@@ -137,8 +137,8 @@ class bind extends DnsBase
 # // close allow-transfer
 # $bindconf_file .= ' };' . "\n";
 #}
- #$bindconf_file .= '};' . "\n";
- #$bindconf_file .= "\n";
+ $bindconf_file .= '};' . "\n";
+ $bindconf_file .= "\n";
 return $bindconf_file;
 }