I want to set up Heroku and my MX records such that whenever I spin up a review app, eMail can already be routed to it.
For example, if I create a new review app and Heroku assigns it the name:
company-feature-email-123abc.staging.example.com
I want there to already be a wildcard MX record in my zone file to successfully route eMail to that review app.
What's the right way to phrase this MX record?
A wildcard MX record would look like this in a DNS zone file:
*.example.com. IN MX 10 <mail-server-name>
Make sure to read RFC 1912 section 2.7: Wildcard records. Here's part of it:
Wildcard MXs are useful mostly for non IP-connected sites. A common
mistake is thinking that a wildcard MX for a zone will apply to all
hosts in the zone. A wildcard MX will apply only to names in the
zone which aren't listed in the DNS at all. e.g.,
        podunk.xx.      IN      NS      ns1
                        IN      NS      ns2
        mary            IN      A       1.2.3.4
        *.podunk.xx.    IN      MX      5 sue
Mail for mary.podunk.xx will be sent to itself for delivery. Only
mail for jane.podunk.xx or any hosts you don't see above will be sent
to the MX. For most Internet sites, wildcard MX records are not
useful. You need to put explicit MX records on every host.
See also this answer to a similar question on server fault:
https://serverfault.com/a/405640/494284
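The wildcard rule quoted from RFC 1912 above, as an added example that is not part of the original answer or of the RFC: a small resolver-side lookup over constructed zone data. `REVIEW_ZONE`, its addresses and the `mail.example.com.` target are assumptions made for illustration; it also shows that a name below an existing node such as `staging` is not covered by `*.example.com.`.

```python
# Constructed zone mirroring the RFC 1912 example quoted above.
ZONE = {
    "podunk.xx.": {"NS": ["ns1", "ns2"]},
    "mary.podunk.xx.": {"A": ["1.2.3.4"]},
    "*.podunk.xx.": {"MX": [(5, "sue")]},
}

# Constructed zone for the review-app case (names and addresses are assumptions).
REVIEW_ZONE = {
    "example.com.": {"A": ["192.0.2.1"]},
    "staging.example.com.": {"A": ["192.0.2.2"]},
    "*.example.com.": {"MX": [(10, "mail.example.com.")]},
}

def _existing_names(zone):
    """Owner names plus every ancestor of an owner name (empty non-terminals)."""
    names = set()
    for owner in zone:
        labels = owner.rstrip(".").split(".")
        for i in range(len(labels)):
            names.add(".".join(labels[i:]) + ".")
    return names

def lookup(zone, qname, rtype):
    """Return (source, records); source is 'exact', 'wildcard' or 'none'."""
    qname = qname.lower().rstrip(".") + "."
    exists = _existing_names(zone)
    if qname in exists:
        # The name exists, so the wildcard is never consulted for it,
        # even when it has no record of the requested type.
        recs = zone.get(qname, {}).get(rtype, [])
        return ("exact" if recs else "none", recs)
    # Walk up to the closest existing ancestor, then try "*.<ancestor>".
    labels = qname.rstrip(".").split(".")
    for i in range(1, len(labels)):
        ancestor = ".".join(labels[i:]) + "."
        if ancestor in exists:
            recs = zone.get("*." + ancestor, {}).get(rtype, [])
            return ("wildcard" if recs else "none", recs)
    return ("none", [])

if __name__ == "__main__":
    for name in ("jane.podunk.xx", "mary.podunk.xx"):
        print(name, lookup(ZONE, name, "MX"))
    for name in ("pr-1.example.com", "pr-1.staging.example.com"):
        print(name, lookup(REVIEW_ZONE, name, "MX"))
```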
Related
I just purchased mail domain service to my new domain.
Domain was registered in GoDaddy, mail domain purchased also in GoDaddy (looks like Outlook 365)
But Nameservers are routed to Google nameservers, because hosting is in Google Cloud
I already did all setup in Google DNS Cloud yesterday, but still unable to continue to complete email setup in GoDaddy portal.
Before we can finish setting up your account, we need to verify that you own domain>
Sorry, we can't verify your settings, yet. It can take up to 24 hours for us to detect the update. Please double-check you entered the information correctly, and try again in a bit.
Here are my screenshots from GCP DNS
So I am not sure if I did correctly all settings in Cloud DNS.
Can you please check my conf in GCP DNS?
Especially, I am not sure if I've filled in the SRV and TXT data fields correctly.
So I receive this conf info from Godaddy : how to setup >
1)
TXT Record: Find where to add a TXT record and enter
Name    TXT Value
@       MS=ms5789897
@       v=spf1 include:spf.protection.outlook.com -all
2)
CNAME Records: Find where to add a CNAME record and enter
Host            Points to
autodiscover    autodiscover.outlook.com
sip             sipdir.online.lync.com
lyncdiscover    webdir.online.lync.com
email           email.secureserver.net
msoid           clientconfig.microsoftonline-p.net
3)
MX Records: Find where to add an MX record and enter
Host    Priority    Target
@       0           mydomain.mail.protection.outlook.com
4)
SRV Records: Find where to add an SRV record and enter
Port    Protocol    Name    Service              Priority    Weight    Target
443     _tls        @       _sip                 100         1         sipdir.online.lync.com
5061    _tcp        @       _sipfederationtls    100         1         sipfed.online.lync.com
Ok, finally mail setup is done. :)
Issue was TXT verification, I got multiple TXT records in DNS before... Fixed, so feel free to remove this topic :)
I am a bit confused with setting up SPF DNS Record. I followed what others suggested on their website as a solution. After setting up SPF TXT DNS Record and waiting for some time, I tested my domain name for SPF Record on the website MXToolBox, but it keeps reporting SPF DNS Record not found. However, without WWW for my domain, MXToolBox website reports SPF DNS Record is found. Have a look at the images in the bottom. I hope someone could explain to me why this is.
SPF TXT Record
MXToolBox Website Result with and without www for our domain.
But if you go to MXToolBox overall summary page for your domain, it says You have no SPF TXT Record at all.
I think there's a small amount of confusion here. You show the results from looking up www.rel-tek.com, and indeed that does not have an SPF record, which is correct. I expect that mxtoolbox may be seeing an old version of your DNS.
When I check SPF for your bare domain, it succeeds, just as you've configured it:
# dig +short txt rel-tek.com
"v=spf1 mx ip4:96.236.199.65 ~all"
You should not expect your www host to have an SPF record, nor should it have an mx of its own.
One tip: when you make changes to your DNS, reduce the TTL to say 300 (5 minutes). This makes it much easier to see changes, and stops bad settings from sticking around in caches for too long, letting you fix mistakes more easily. If you use dig on a command line (install the dnsutils package on Debian linuxen), you can tell it to target your home name server so you can bypass all the secondary caches and see what your real DNS is serving, so for you you might say:
dig +short txt @ns75.worldnic.com rel-tek.com
I have a domain name, mysite.com registered with a provider at ns1.dnsprovider.com and ns2.dnsprovider.com.
mysite.com is a Wordpress site on WHM/cPanel at IP: 111.222.333.444
I can set my DNS records at DNSProvider to point at 111.222.333.444 for the websites - no problem. I also need to set up email facilities.
This I'm struggling with. I'm simply running the standard Exim package in cPanel.
I figure I need to set up an A record mail.mysite.com for IP 111.222.333.444 but I also need to set up MX records. Would this be to mail.mysite.com with priority 0 and 10?
Also what about DKIM and SPF records? What would I need to enter?
First a quick note: If the mail server is on the same IP address you do not need the extra A record, since there is already an A record the MX record can use.
As for the MX record, it depends on what the mail addresses will be. For the one you mentioned the mail addresses will be user@mail.example.com, if you want them to be user@example.com, then the MX record must be for example.com, like this:
@ MX 10 mail.example.com.
Where mail.example.com is the extra A record you wanted to create, you can also point the record to example.com, since it has an A record pointed to the IP of the mail server.
Now for the SPF record it depends on which servers will be sending mails on behalf of your domain. If it is only your server (this includes your web site, since they are on the same IP), the SPF record can be like this:
@ TXT "v=spf1 a -all"
This allows the IP of your A record to send mails and "forbids" everybody else.
The DKIM record is in the following format:
default._domainkey TXT "v=DKIM1; p=yourPublicKey"
You should generate yourPublicKey and also a private key, with which you will sign your mails (note that you can simply skip the whole DKIM part)
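How a receiver evaluates the two SPF strings shown in the answers above (`v=spf1 mx ip4:96.236.199.65 ~all` and `v=spf1 a -all`), and why a `www` host with no TXT record yields no SPF result, as an added example that is not from either answer. It covers only the `ip4`, `a`, `mx` and `all` mechanisms of RFC 7208; the `example.org`/`example.com` names, the MX target and the 192.0.2.x addresses are constructed assumptions.

```python
import ipaddress

# Constructed DNS data; only the two SPF strings come from the page.
DNS = {
    ("example.org", "TXT"): ["v=spf1 mx ip4:96.236.199.65 ~all"],
    ("example.org", "MX"): ["mail.example.org"],
    ("mail.example.org", "A"): ["192.0.2.25"],
    ("www.example.org", "A"): ["192.0.2.80"],  # web host: no TXT at all
    ("example.com", "TXT"): ["site-verification=constructed", "v=spf1 a -all"],
    ("example.com", "A"): ["192.0.2.10"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_record(domain, dns):
    """Return the domain's single SPF record, or None if it has none."""
    found = [t for t in dns.get((domain, "TXT"), [])
             if t.lower() == "v=spf1" or t.lower().startswith("v=spf1 ")]
    if len(found) > 1:
        raise ValueError("permerror: multiple SPF records")
    return found[0] if found else None

def check_host(ip, domain, dns):
    """Evaluate the sender IP against the domain's SPF record, left to right."""
    record = spf_record(domain, dns)
    if record is None:
        return "none"  # SPF is looked up per name; nothing is inherited
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qual = "+"
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            match = True
        elif name == "ip4":
            match = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "a":
            match = ip in dns.get((arg or domain, "A"), [])
        elif name == "mx":
            hosts = dns.get((arg or domain, "MX"), [])
            match = any(ip in dns.get((h, "A"), []) for h in hosts)
        else:
            raise ValueError("mechanism not covered here: " + name)
        if match:
            return QUALIFIERS[qual]
    return "neutral"

if __name__ == "__main__":
    for ip, dom in (("96.236.199.65", "example.org"), ("203.0.113.9", "www.example.org")):
        print(ip, dom, check_host(ip, dom, DNS))
```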
I'm in the process of moving my DNS to Google Cloud Platform and wish to set up vanity nameservers.
Is this possible with gcloud?
I have two domains currently in my project
abc-net.co.uk (vanity)
abc.co.uk (company domain)
I have set 4 records of
ns1.abc-net.co.uk A -> 216.239.32.109 (ns-cloud-d1.googledomains.com)
ns2.abc-net.co.uk A -> 216.239.34.109 (ns-cloud-d2.googledomains.com)
ns3.abc-net.co.uk A -> 216.239.36.109 (ns-cloud-d3.googledomains.com)
ns4.abc-net.co.uk A -> 216.239.38.109 (ns-cloud-d4.googledomains.com)
I have compiled all records in my project for abc.co.uk but when I run a dig against @ns1.abc-net.co.uk it tells me recursion is not allowed
Can I not set up vanity nameservers?
NS Specification
NS records must point to address records (e.g. A and AAAA) and not to alias records (e.g. CNAME).
- see RFC 2181 section 10.3
Summary
Correctly creating Google Cloud vanity nameservers is possible, but does require the risk of future server down-time if Google changes any nameserver IP addresses associated with your vanity nameservers. If such a risk does not bother you, use the following directions to create them.
Directions
Note: The following directions were provided at a time when IPv4 A and IPv6 AAAA records ruled the web.
Get each nameserver's IPv4 and IPv6 address.
```
$ host ns-cloud-x0.googledomains.com
```
Create A and AAAA records for each vanity nameserver at your domain's local DNS zone.
Register each vanity nameserver's FQDN, IPv4, and IPv6 with your domain's registrar (e.g. Enom and GoDaddy).
Wait for your registrar to confirm the addition of your vanity nameservers.
Wait 24-72 hours to allow the new DNS records time to propagate.
Update the NS and SOA records of your domains to point to your vanity servers.
Yes, it is perfectly doable with Google Domains.
In the Custom resource records section, create A records and point them to Google DNS servers (ns1.abc-net.co.uk A -> 216.239.32.109, etc.), exactly as you did above
In the Registered hosts section, create glue records (ns1.abc-net.co.uk, etc.), pointing them to the same Google servers
In the Nameservers section, enter your custom name servers (ns1.abc-net.co.uk, etc.).
Wait for DNS propagation (it will be near instant if you use Google or Cloudflare DNS resolver).
Note that you won't be able to have DNSSEC active.
Hope this helps.
Instead of A records hardcoding the IPv4 address of ns-cloud-d#.googledomains.com, create 4 CNAME records, ns#.abc-net.co.uk, pointing to the ns-cloud-d#.googledomains.com servers. Then, your NS record would be all four of the ns#.abc-net.co.uk names that you made CNAME records for. I just did this with my domain and it is working great.
This allows the IP addresses of Google's resolver servers to change without breaking your DNS functionality. Additionally, IPv6 clients will resolve over IPv6.
I'm very confused by the fundamentals of DNS records (in this case MX records). Right now I have registered a domain name (let's call it example.com). This domain is configured to my linode's IP via their nameservers.
The default MX record that is in the Domain Manager is 'mail.example.com'. Fair enough.
I followed this tutorial about setting up an Exim server.
Exim Tutorial in Linode Library
and I'm kind of confused. My default hostname on the machine is 'antares' and thus the FQDN is 'antares.example.com'. In this tutorial I don't see how this 'mail.example.com' is coming into play? Where do I specify this? Or should I point the mail MX record to antares.example.com?
I'm very new to DNS records and even more new to mail records. Any hints to clarify my misunderstanding would be invaluable.
The DNS server for your domain will by default serve up the www or .domain.com entry to web browsers etc., but it actually hosts a bunch of name pointers for other services, one of which is mail exchange.
Services which need your mx record value know how to look it up from your DNS server, so in this case they will find mail.domain.com when you supply the domain.com part.
If you need to set up a mail server you will need to change the MX record in your domain manager to point to your machine IP, this can be different from your default www host name/IP on the same domain as every service can be served by a different host (any IP).