AWS Route 53
SPF Verification
SPF hard fail example...
v=spf1 ip4:192.168.0.1 -all
In the above example the minus "-" in front of "all" means that any senders not listed in this SPF record should be treated as a "hardfail", ie. they are unauthorised and emails from them should be discarded. In this case only the IP address 192.168.0.1 is authorized to send emails.
SPF soft fail example...
v=spf1 include:amazonses.com ~all
In the above example the tilde "~" in front of "all" means that any servers not listed in this SPF record should be treated as a "softfail", ie. mail can be allowed through but should be tagged as spam or suspicious. In this case the include:spf.protection.outook.com authorizes Office 365 to send emails. Any emails originating from different servers should be marked as spam by the receivers.
Command Line
cli53
There is an unofficial, well maintained command line app called cli53.
cli53 provides import and export from BIND format and simple command line management of Route 53 domains.
Features:
- import and export BIND format
- create, delete and list hosted zones
- create, delete and update individual records
- create AWS extensions: failover, geolocation, latency, weighted and ALIAS records
- create, delete and use reusable delegation sets
Latest version: 0.8.18 (17 JAN 2021)
https://github.com/barnybug/cli53/releases/latest
Install software...
wget -O cli53 https://github.com/barnybug/cli53/releases/download/0.8.18/cli53-linux-amd64 sudo install -m 755 ./cli53 /usr/local/bin/cli53
Configure...
To configure your Amazon credentials, either place them in a file ~/.aws/credentials:
[default] aws_access_key_id = AKID1234567890 aws_secret_access_key = MY-SECRET-KEY
Export Zone File As TXT
List domain name zones...
cli53 list --profile default
Export domain name zone...
cli53 export --full --profile default domain.co.uk
Adding Zones
cli53 create example.com --comment 'my first zone'
Adding Records
A record...
cli53 rrcreate example.com 'www 60 A 192.168.0.1'
A record using specific AWS profile...
cli53 rrcreate --profile profilename example.com 'www 60 A 192.168.0.1'
MX record...
cli53 rrcreate example.com '@ MX 10 mail1.' '@ MX 20 mail2.'
Editing Records
cli53 rrcreate --replace example.com 'www 60 A 192.168.0.2'
Deleting Records
cli53 rrdelete example.com www A cli53 rrdelete example.com @ MX
Redirect Domain Using S3
https://aws.amazon.com/premiumsupport/knowledge-center/redirect-domain-route-53/
Route 53 Hosted Zone -> A Record ALIAS -> S3 Bucket Endpoint -> Static Website Hosting -> Redirect Requests -> Domain
Make sure you create a bucket with the same subdomain as well.
e.g.
domain.co.uk -> bucket with exact same name www.domain.co.uk -> bucket with exact same name
Thanks - http://www.holovaty.com/writing/aws-domain-redirection/
Use GANDI Free Email Forwarding
https://dev.to/peterdenham/personal-domain-e-mail-on-aws-with-gandi-4ofl