From 86983b241dac23b3da7aa0dc3b3c0cc210742620 Mon Sep 17 00:00:00 2001
From: Tunui Franken <tfranken@protonmail.com>
Date: Sat, 28 Sep 2024 12:40:58 +0200
Subject: [PATCH] Add role mailserver_dmarc

---
 playbook_mailserver.yml               | 2 ++
 roles/mailserver_dmarc/tasks/main.yml | 9 +++++++++
 2 files changed, 11 insertions(+)
 create mode 100644 roles/mailserver_dmarc/tasks/main.yml

diff --git a/playbook_mailserver.yml b/playbook_mailserver.yml
index e645c19..a756007 100644
--- a/playbook_mailserver.yml
+++ b/playbook_mailserver.yml
@@ -24,3 +24,5 @@
       tags: dkim
     - role: mailserver_spf
       tags: spf
+    - role: mailserver_dmarc
+      tags: dmarc
diff --git a/roles/mailserver_dmarc/tasks/main.yml b/roles/mailserver_dmarc/tasks/main.yml
new file mode 100644
index 0000000..33b6b7c
--- /dev/null
+++ b/roles/mailserver_dmarc/tasks/main.yml
@@ -0,0 +1,9 @@
+---
+
+- name: Set DMARC TXT record
+  ansible.builtin.set_fact:
+    dmarc_txt_record: "_dmarc.{{ virtual_domain }}. IN TXT \"v=DMARC1; p=reject; pct=100; adkim=s; rua=mailto:postmaster@{{ virtual_domain }}\""
+
+- name: Print DMARC TXT record for the DNS zone
+  ansible.builtin.debug:
+    msg: "Don't forget to add this to your DNS zone:\n{{ dmarc_txt_record }}"