From a9d48ad8ed8f938b803f7be43cb097a2dad1a093 Mon Sep 17 00:00:00 2001 From: Kristian Klausen Date: Mon, 16 May 2022 22:31:34 +0200 Subject: [PATCH] mta_sts: Use CRLF line terminators per the RFC[1] [1] https://datatracker.ietf.org/doc/html/rfc8461#section-3.2 --- roles/mta_sts/templates/nginx.d.conf.j2 | 2 +- tf-stage1/archlinux.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/mta_sts/templates/nginx.d.conf.j2 b/roles/mta_sts/templates/nginx.d.conf.j2 index f17e5619..cb7bb041 100644 --- a/roles/mta_sts/templates/nginx.d.conf.j2 +++ b/roles/mta_sts/templates/nginx.d.conf.j2 @@ -33,7 +33,7 @@ server { location = /.well-known/mta-sts.txt { default_type text/plain; # Remember to bump the MTA-STS id in tf-stage1/archlinux.tf - return 200 'version: STSv1\nmode: enforce\nmax_age: 2592000\nmx: {{ config.mx | join('\\nmx: ')}}\n'; + return 200 'version: STSv1\r\nmode: enforce\r\nmax_age: 2592000\r\nmx: {{ config.mx | join('\\r\\nmx: ')}}\r\n'; } location / { diff --git a/tf-stage1/archlinux.tf b/tf-stage1/archlinux.tf index 995d9a85..c6c60414 100644 --- a/tf-stage1/archlinux.tf +++ b/tf-stage1/archlinux.tf @@ -194,7 +194,7 @@ locals { "_smtp._tls.master-key" = { value = "v=TLSRPTv1;rua=mailto:postmaster@archlinux.org" } "_smtp._tls.lists" = { value = "v=TLSRPTv1;rua=mailto:postmaster@archlinux.org" } # Generated with: date +%Y%m%d01 - "_mta-sts" = { value = "v=STSv1; id=2022051601" } + "_mta-sts" = { value = "v=STSv1; id=2022051602" } "@" = { value = "v=spf1 ip4:${hcloud_server.machine["mail.archlinux.org"].ipv4_address} ip6:${hcloud_server.machine["mail.archlinux.org"].ipv6_address} ~all" } "mail" = { value = "v=spf1 ip4:${hcloud_server.machine["mail.archlinux.org"].ipv4_address} ip6:${hcloud_server.machine["mail.archlinux.org"].ipv6_address} ~all" } "aur" = { value = "v=spf1 ip4:${hcloud_server.machine["mail.archlinux.org"].ipv4_address} ip6:${hcloud_server.machine["mail.archlinux.org"].ipv6_address} ~all" }