Apr 13 2019
 

I am about to make changes to my mail servers. I am changing third-party providers. In anticipation of this change, I will drop the TTL on my DNS MX records. This should minimize the time it takes for this change to take effect.

I say "should" because not all servers honor the specified TTL.

I started with one of my lesser-used domains, to make sure I had the nsupdate commands correct. Here is what I came up with. I use example.com here because... this is an example.

nsupdate -k ~/Kdan.dns.hidden.master.+392+19201.key
server dns-hidden-master.int.unixathome.org
zone example.com.
update delete example.com. IN MX
update add    example.com. 180 IN MX 10 ASPMX.L.GOOGLE.COM.
update add    example.com. 180 IN MX 50 ALT1.ASPMX.L.GOOGLE.COM.
update add    example.com. 180 IN MX 50 ALT2.ASPMX.L.GOOGLE.COM.
update add    example.com. 180 IN MX 70 ALT3.ASPMX.L.GOOGLE.COM.
update add    example.com. 180 IN MX 70 ALT4.ASPMX.L.GOOGLE.COM.

Here is that stuff running:

[dan@dns-hidden-master:~] $ nsupdate -k ~/Kdan.dns.hidden.master.+392+19201.key
> server dns-hidden-master.int.unixathome.org
> zone example.com.
> update delete example.com. IN MX
> update add    example.com. 180 IN MX 10 ASPMX.L.GOOGLE.COM.
> update add    example.com. 180 IN MX 50 ALT1.ASPMX.L.GOOGLE.COM.
> update add    example.com. 180 IN MX 50 ALT2.ASPMX.L.GOOGLE.COM.
> update add    example.com. 180 IN MX 70 ALT3.ASPMX.L.GOOGLE.COM.
> update add    example.com. 180 IN MX 70 ALT4.ASPMX.L.GOOGLE.COM.
> send
> quit
[dan@dns-hidden-master:~] $ 

And it worked.

Let’s try a script

I don’t want to amend this script for every domain. I searched and found this helpful suggestion which I used as a starting point.

To get my list of domains, I ran this command in the working directory on my bind server.

ls *.db | xargs -n 1 -J % basename % .db | sort

Now I have this script:

$ cat adjust-MX-TTL-google-nsupdate
#!/bin/sh

# KEY, SOA, DOMAIN and TTL are exported by the calling script (see config).
/usr/local/bin/nsupdate -k "${KEY}" -v <<EOT
server ${SOA}
zone ${DOMAIN}
update delete ${DOMAIN}. IN MX
update add    ${DOMAIN}. ${TTL} IN MX 10 ASPMX.L.GOOGLE.COM.
update add    ${DOMAIN}. ${TTL} IN MX 50 ALT1.ASPMX.L.GOOGLE.COM.
update add    ${DOMAIN}. ${TTL} IN MX 50 ALT2.ASPMX.L.GOOGLE.COM.
update add    ${DOMAIN}. ${TTL} IN MX 70 ALT3.ASPMX.L.GOOGLE.COM.
update add    ${DOMAIN}. ${TTL} IN MX 70 ALT4.ASPMX.L.GOOGLE.COM.
send
EOT
$ 

Next, I created a config script:

$ cat config 
#!/bin/sh

DOMAINS="example.com
example.net
example.org"

export SOA="dns-hidden-master.int.unixathome.org"
export KEY="/usr/home/dan/Kdan.dns.hidden.master.+xxx+yyyyy"
export TTL="180"
$ 

This is the script which does it all:

$ cat adjust-MX-TTL
#!/bin/sh

. ./config

for domain in ${DOMAINS}
do
  export DOMAIN=${domain}
  ./adjust-MX-TTL-google-nsupdate
done
$
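
To confirm that each zone really ended up with the new TTL, the answer from the master can be checked after the loop runs. This is an added example, not part of the original scripts: the function names `check_mx_ttl` and `sample_answer` are made up for illustration, the sample answer is constructed, and live use assumes `dig` is installed.

```sh
#!/bin/sh
# check_mx_ttl EXPECTED_TTL EXPECTED_COUNT
# Reads `dig +noall +answer` output on stdin. Succeeds only if exactly
# EXPECTED_COUNT MX records are present and every one carries EXPECTED_TTL.
# Ask the master directly: an authoritative answer shows the zone's TTL,
# while a caching resolver shows a value that is counting down.
check_mx_ttl() {
  awk -v ttl="$1" -v want="$2" '
    NF == 0 || $1 ~ /^;/ { next }          # skip blank lines and comments
    $4 == "MX" {
      n++
      if ($2 + 0 != ttl + 0) {             # a record kept an old TTL
        printf "TTL mismatch: %s\n", $0
        bad = 1
      }
    }
    END {
      if (n + 0 != want + 0) {             # delete or add did not fully apply
        printf "expected %d MX records, saw %d\n", want, n
        bad = 1
      }
      exit (bad ? 1 : 0)
    }'
}

# Constructed sample of what dig prints for the five records added above.
sample_answer() {
  cat <<'EOF'
example.com.  180  IN  MX  10 aspmx.l.google.com.
example.com.  180  IN  MX  50 alt1.aspmx.l.google.com.
example.com.  180  IN  MX  50 alt2.aspmx.l.google.com.
example.com.  180  IN  MX  70 alt3.aspmx.l.google.com.
example.com.  180  IN  MX  70 alt4.aspmx.l.google.com.
EOF
}

# Offline demonstration against the constructed sample.
sample_answer | check_mx_ttl 180 5 && echo "example.com: MX TTL verified"

# Live use, with SOA, DOMAIN and TTL as set in config:
#   dig +noall +answer @"${SOA}" "${DOMAIN}" MX | check_mx_ttl "${TTL}" 5
```
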

Hope that helps.

I’ll be using this script again later, with modifications, to change the MX records.
