DNS messed up - instant update records


For a number of -muprhy- reasons i need to update all my slave servers instantly! My actual point is to update all the spf records. I tried to remove my two slave dns and re-add them. The first slave -if we exclude one domain- updated the spf records, the second still tries to piss me off!

Is there a way to do it with a hack?

For future cases. Is there a way to update the all slaves and all zones instantly?

EDIT: I’ve read this post (http://www.virtualmin.com/node/15662#comment-68657) but as fas as i understand i need to sed all these files to achive it, and that’s something I wish i can avoid (if i can) :S

thnx in advance,


Instantly, probably not. But, one could use the API to disable and then enable SPF records in a loop, assuming you have your slave DNS servers setup correctly with Webmin and the Cluster Slave DNS option.

I believe something like this would do it:

# virtualmin modify-dns --all-domains --no-spf
# virtualmin modify-dns --all-domains --spf

Also, make sure you have backups before making major/bulk changes to your system! That’s useful in all sorts of situations, so if you don’t have regular backups happening, I recommend you start doing that now, before even running these commands (though I believe these commands are safe).

Hope this helps!

Oh, wait, are you saying you now don’t have the Allow transfers option set for all these domains for these slave servers? That’d be a very different issue. I’m not sure how one could fix that easily/quickly without sed. Webmin has some bulk record update options, but not for transfers, I don’t think.


No, i have allow transfers option. The issue has been resolved. The problem was that /var/lib/bind/*hosts and /etc/bind/rndc.key had wrong permissions (dont know why).

I solved it by forcing the owner of zone files to bind:bind at Webmin->Servers->Bind->Module Config and set chown bind:bind /var/lib/bind/* && chmod 640 /etc/bind/rndc.key && chown bind:bind /etc/bind/rndc.key

Thanks anyway!

EDIT: that spf “toggle” is really helpful in my situation.

For the history… the first problem i had to deal with was a yahoo & hotmail ban cause of a compromised website. I’ve tried to relay the emails from another server (via transport maps) with really polite settings for yahoo and hotmail, but, I didnt double checked the propagation of the spf record (to see that my dns didnt work as usual -cause of the above) and guess what? Got banned again. :SSSSSSSSS