Postfix settings without a domain/host name - centos

I have a VPS server that only deals with email hosting. This server does not have any designated domain name pointing to it. It's only one VPS with one IP address.
I am running CentOS 6.5 Minimal, 32-bit, with Postfix and Dovecot installed. This is currently what my /etc/postfix/main.cf looks like (for domain/hosting attributes).
# INTERNET HOST AND DOMAIN NAMES
#
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
myhostname =
#myhostname =
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
mydomain =
# SENDING MAIL
#
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
#myorigin = $myhostname
myorigin = $mydomain
As you might have noticed, both myhostname & mydomain fields are empty. The reason for this is, the server doesn't really have a domain or hostname. What should I be doing in this case?
I have an M record pointing to mail.my-domain.tld and MX record pointing to mail.my-domain.tld
Can I use mail.my-domain.tld for both as mydomain = and myhostname = in main.cf? Because my-domain.tld is pointing to another VPS with another IP, which takes care of only web hosting.

myhostname - The internet hostname of this mail system. Here use mail.my-domain.tld
mydomain - The internet domain name of this mail system. The default is to use $myhostname minus the first component. $mydomain is used as a default value for many other configuration parameters. So here use my-domain.tld
This VPS (mail server) can just serve your mail traffic and as you said your my-domain.tld web hosting can be in a different VPS server.
Hope that helps.
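To see what those three parameters actually resolve to, here is an added example (not from the question or the answer above) that reads a main.cf fragment and applies the defaults documented in postconf(5): myhostname falls back to the system hostname (gethostname()), mydomain to myhostname minus its first label (or "localdomain" when there is no dot), and myorigin to $myhostname, then expands $parameter references. Two assumptions are baked in: an explicitly empty value such as `myhostname =` is treated as unset (real Postfix may instead refuse to start on an empty myhostname), and the fallback hostname is passed in rather than read from the system. The two config fragments are constructed to match the asker's file and the answer's suggestion.

```python
import re

# Constructed sample: the asker's fragment, both names left empty.
ASKER_MAIN_CF = """
myhostname =
mydomain =
myorigin = $mydomain
"""

# Constructed sample: the same fragment filled in as the answer suggests.
FIXED_MAIN_CF = """
myhostname = mail.my-domain.tld
mydomain = my-domain.tld
myorigin = $mydomain
"""


def parse_main_cf(text):
    """Return {parameter: raw value}. Postfix comments start at column 0 only,
    and a line beginning with whitespace continues the previous value."""
    params = {}
    last = None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] in " \t" and last is not None:      # continuation line
            params[last] = (params[last] + " " + raw.strip()).strip()
            continue
        if "=" not in raw:
            continue
        key, _, value = raw.partition("=")
        last = key.strip()
        params[last] = value.strip()
    return params


def effective_values(params, system_hostname):
    """Apply the postconf(5) defaults for myhostname / mydomain / myorigin and
    expand $name and ${name} references. Empty values count as unset (assumption)."""
    eff = dict(params)
    if not eff.get("myhostname"):
        eff["myhostname"] = system_hostname            # stands in for gethostname()
    if not eff.get("mydomain"):
        labels = eff["myhostname"].split(".")
        # "$myhostname minus the first component", or "localdomain" if undotted
        eff["mydomain"] = ".".join(labels[1:]) if len(labels) > 1 else "localdomain"
    if not eff.get("myorigin"):
        eff["myorigin"] = "$myhostname"

    def expand(value, depth=0):
        if depth > 10:
            raise ValueError("circular $parameter reference")
        return re.sub(r"\$\{?(\w+)\}?",
                      lambda m: expand(eff.get(m.group(1), ""), depth + 1), value)

    return {k: expand(v) for k, v in eff.items()}


if __name__ == "__main__":
    # With the asker's file on a stock CentOS minimal install, mail would claim
    # to come from "localdomain"; with the answer's values it is my-domain.tld.
    for label, cfg in (("asker", ASKER_MAIN_CF), ("fixed", FIXED_MAIN_CF)):
        print(label, effective_values(parse_main_cf(cfg), "localhost.localdomain"))
```

The interesting line is myorigin: with both names empty it silently becomes whatever the VPS hostname minus one label happens to be, which is why outgoing mail from such a box often carries an unroutable sender domain.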

Related

Resolve netbios name to ip address without editing hostfile

I'm working on a powershell script which requires a domain controller to be accessed via its netbios name, NP-DOMAIN.
However, the domain controller exists at the other end of a VPN tunnel, and there are no WINS servers configured nor DNS search suffix.
I have no administrator rights, so can't edit the local hosts file.
I have the IP address of the domain controller, but I need to specify the netbios name. Is there a way I can add name resolution of the netbios name to the IP address, just for this PowerShell session?
The part of the script that requires the netbios name is:
$DomainEntry = New-Object -TypeName System.DirectoryServices.DirectoryEntry "LDAP://$($netBiosName)" ,$credentials.UserName,$($credentials.GetNetworkCredential().password)
The purpose of the script is to allow users to change their passwords on the remote domain controller.

Setting up sendmail to work as a client only?

We are running sendmail-8.13.4 on AIX.
I need to update the configuration and make sendmail act as a relay client only, meaning it will only be used to send mail out of the host and NOT accept mail.
Here is my client.mc config:
include(`/usr/samples/tcpip/sendmail/m4/cf.m4')
VERSIONID(`sendmail config for aix7')
OSTYPE(`aixsample')dnl
MASQUERADE_AS(`myserver.com')dnl
FEATURE(`masquerade_envelope')dnl
FEATURE(`accept_unresolvable_domains')
FEATURE(`accept_unqualified_senders')
FEATURE(always_add_domain)dnl
FEATURE(`nullclient',`mail-relay.xxxx.myserver.com')dnl
define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`MAIL_HUB', `myserver.com.')dnl
define(`LOCAL_RELAY', `myserver.com.')dnl
We have an MS Exchange server, so we are basically using sendmail on a particular AIX host to forward all email to the exchange server and let Exchange handle everything.
The above configuration works fine for sending email to recipients
mail user@myserver.com
What I also need to do is be able to send the email with only specifying the alias part and not the domain, so if I do:
mail user (omitting the @myserver.com recipient domain part)
I want sendmail to append the @myserver.com in this situation where a domain is not given. Is this possible without maintaining some sort of alias/list file for every possible userid > userid@mydomain.com?
Thanks.
You can use approach mentioned in sendmail FAQ 4.22 - make sendmail accept smtp connections only on (local) loopback ip interface.
Sendmail FAQ 4.22 : Why can't I receive external mail?
It may be achieved by the following lines in sendmail.mc file used to generated sendmail.cf file:
dnl Do not listen on the MSA (587) port
FEATURE(`no_default_msa')dnl
dnl Listen on IPv6 loopback address
dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
dnl Listen on IPv4 loopback address
DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl
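After rebuilding sendmail.cf with those DAEMON_OPTIONS, the thing worth verifying is that no mail port is still bound to a routable address. The following is an added example (not part of the answer or of sendmail) that parses the listener table and reports any SMTP/submission socket not on loopback. It assumes the Linux `ss -Hltn` output format (one LISTEN line per socket, local address in the fourth column); on the AIX host in the question the equivalent listing comes from `netstat -an`, whose columns differ, so the parser would need adjusting there. The sample output is constructed.

```python
import ipaddress

# Constructed sample of `ss -Hltn` output: port 25 is loopback-only on v4 and v6,
# but the submission port is still bound to every interface.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 100 127.0.0.1:25 0.0.0.0:*
LISTEN 0 100 0.0.0.0:587 0.0.0.0:*
LISTEN 0 100 [::1]:25 [::]:*
"""

MAIL_PORTS = {25, 465, 587}


def parse_listeners(ss_output):
    """Return [(address, port)] for every LISTEN line; IPv6 brackets are stripped."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if not port.isdigit():
            continue
        listeners.append((addr.strip("[]"), int(port)))
    return listeners


def is_loopback(addr):
    """True only for 127.0.0.0/8 and ::1; '*' and 0.0.0.0 mean 'all interfaces'."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:           # '*' or anything else that is not an address
        return False


def exposed_mail_listeners(ss_output):
    """Mail-port sockets that are reachable from outside the host."""
    return [(a, p) for a, p in parse_listeners(ss_output)
            if p in MAIL_PORTS and not is_loopback(a)]


if __name__ == "__main__":
    for addr, port in exposed_mail_listeners(SAMPLE_SS):
        print(f"mail port {port} is bound to {addr}, not loopback")
```

On a real host run `ss -Hltn | python3 thisfile.py` style piping or call `exposed_mail_listeners(subprocess.check_output(["ss", "-Hltn"], text=True))`; an empty result is what the no_default_msa plus Addr=127.0.0.1 configuration above should produce.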

Confusion about MX records

I'm very confused by the fundamentals of DNS records (in this case MX records). Right now I have registered a domain name (let's call it example.com). This domain is configured to my linode's IP via their nameservers.
The default MX record that is in the Domain Manager is 'mail.example.com'. Fair enough.
I followed this tutorial about setting up an exim server.
Exim Tutorial in Linode Library
and I'm kind of confused. My default hostname on the machine is 'antares' and thus the FQDN is 'antares.example.com'. In this tutorial I don't see how this 'mail.example.com' is coming into play? Where do I specify this? Or should I point the mail MX record to antares.example.com?
I'm very new to DNS records and even more new to mail records. Any hints to clarify my misunderstanding would be invaluable.
The DNS server for your domain will by default serve up the www or .domain.com entry to web browsers etc., but it actually hosts a bunch of name pointers for other services, one of which is mail exchange.
Services which need your mx record value know how to look it up from your DNS server, so in this case they will find mail.domain.com when you supply the domain.com part.
If you need to set up a mail server you will need to change the mx record in your domain manager to point to your machine ip, this can be different from your default www host name/ip on the same domain as every service can be served by a different host (any ip).

spamassassin rdns reversedns

SpamAssassin gives the following flag on my emails:
0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
"This test checks to see if there is a reverse DNS entry
for the last untrusted relay. Note that this may be done by
interpreting information in the relevant Received header - if reverse
DNS checks are not performed by the first trusted relay, or if they
are not recorded in the Received header, this test will be triggered
(regardless of the actual rDNS status)."
The only ip I can see on my emails are 94.143.11.2 -> which you can reverse dns to trophymanager.com. Google and hotmail have no problems with this - but Spamassassin gives it a flag - what am I missing here?
Not sure about SpamAssassin, but many mail filters / MTAs (Postfix, for example) only accept the rDNS entry if it's forward-confirmed. In your case, the forward confirmation does not work:
dig -x 94.143.11.2 +short
man01.trophymanager.com.
but man01.trophymanager.com does not have an A record.
Create a DNS record:
man01.trophymanager.com A 94.143.11.2
and SpamAssassin probably won't complain anymore.
If your hosting account comes with an IP address, you might be able to change this within the dashboard of your hosting account, or open a ticket with your host if you're not sure.
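Forward-confirmed reverse DNS, as the answer describes it, is a two-step check: resolve the IP to its PTR name(s), then resolve each name back to addresses and require the original IP to be among them. The following is an added example (not from the answer, and not how Postfix or SpamAssassin implement it internally) that performs the check with pluggable lookup functions, so it can run against the constructed zone data below or, via the two socket-based helpers, against live DNS. The zone dicts are constructed: the first two mirror the answer's case before and after the A record is created, the third uses a documentation address (198.51.100.0/24) to show a mismatch.

```python
import ipaddress
import socket

# Constructed zone data. Before the fix: PTR exists, the name has no A record.
ZONE_BEFORE_FIX = {"ptr": {"94.143.11.2": ["man01.trophymanager.com."]},
                   "addr": {}}
# After adding the A record suggested in the answer.
ZONE_AFTER_FIX = {"ptr": {"94.143.11.2": ["man01.trophymanager.com."]},
                  "addr": {"man01.trophymanager.com.": ["94.143.11.2"]}}
# Mismatch: the PTR name resolves, but to a different address.
ZONE_MISMATCH = {"ptr": {"198.51.100.7": ["mx.example.net."]},
                 "addr": {"mx.example.net.": ["198.51.100.8"]}}


def make_lookups(zone):
    """Build (ptr_lookup, addr_lookup) closures over a constructed zone dict."""
    def ptr_lookup(ip):
        return list(zone["ptr"].get(ip, []))

    def addr_lookup(name):
        return list(zone["addr"].get(name.rstrip(".") + ".", []))
    return ptr_lookup, addr_lookup


def fcrdns(ip, ptr_lookup, addr_lookup):
    """Return (status, names) where status is one of:
    'no-ptr'      - the IP has no reverse record at all
    'no-forward'  - PTR name(s) exist but resolve to nothing
    'mismatch'    - PTR name(s) resolve, but never back to this IP
    'ok'          - at least one PTR name resolves back to the IP (forward-confirmed)
    """
    target = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return "no-ptr", []
    confirmed, resolvable = [], False
    for name in names:
        addrs = addr_lookup(name)
        resolvable = resolvable or bool(addrs)
        if any(ipaddress.ip_address(a) == target for a in addrs):
            confirmed.append(name)
    if confirmed:
        return "ok", confirmed
    return ("mismatch" if resolvable else "no-forward"), names


# Live-DNS versions of the two lookups, using the resolver library (stdlib socket).
def system_ptr_lookup(ip):
    try:
        host, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [host] + aliases


def system_addr_lookup(name):
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(name, None)})
    except socket.gaierror:
        return []


if __name__ == "__main__":
    for label, zone in (("before", ZONE_BEFORE_FIX), ("after", ZONE_AFTER_FIX),
                        ("mismatch", ZONE_MISMATCH)):
        ip = next(iter(zone["ptr"]))
        print(label, ip, fcrdns(ip, *make_lookups(zone)))
    # Against real DNS: fcrdns("<your mail IP>", system_ptr_lookup, system_addr_lookup)
```

The reason receivers insist on the forward half is that anyone who controls the reverse zone for an address block can put any name they like in the PTR; only the owner of the forward zone can make that name point back, so the round trip is what ties the IP to the domain.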
That solved my "SMTP Reverse DNS Mismatch" error on https://mxtoolbox.com
However, mxtoolbox.com still complains "Reverse DNS is not a valid Hostname" the explanation from them is:
Your Reverse DNS Record (PTR) is not a valid host name. According to
email sending best practices, a PTR Record should be a valid host
name. If the PTR Record is not a valid hostname, there is a likelihood
that you will experience email delivery issues with anti-spam
services.
I looked up my registrar -- Namecheap says:
A PTR (pointer) record maps an IP address to the domain name. It’s
often called a "reverse DNS entry" because it converts an IP address
to a name.
PTR records are mostly used as a security and anti-spam measure, to
verify that a mail server address is allowed to send an email to a
particular hostname. The reverse DNS entry checks if a server name is
indeed associated with an IP address from where the connection was
initiated.
In order to set up a reverse DNS entry that will connect an IP address
to your domain (e.g., 127.0.0.1 should be mapped to yourdomain.com),
you will need to contact your IP address provider to create a PTR
record for the IP address.
It's possible I just need to wait a day, because when I updated the reverse DNS with my host there was a message saying "please wait 6-12 hours." If I remember, I'll come back and write an update.
The OP asks about this issue, but the other answers don't address that:
-0.8 RDNS_NONE Delivered to internal network by a host with no rDNS
This is caused by reverse lookups of 127.0.0.1 returning localhost, commonly caused by redirecting mail in-and-out-of localhost for spam/virus filtering (like through amavis). It will create headers like this, with the rDNS showing incorrectly as localhost for 127.0.0.1:
Received: from smtp.example.com (**localhost** [127.0.0.1])
by smtp.example.com (Postfix) with ESMTPA id A5F13FEF
for <example@example.com>; Wed, 26 May 2021 17:07:02 -0700 (PDT)
Note that I added *'s around **localhost** above to highlight the issue. By updating the /etc/hosts file and placing your hostname before the word localhost, it will be placed correctly in your logs:
So you want this:
~]$ cat /etc/hosts
127.0.0.1 smtp.example.com localhost localhost.localdomain
::1 smtp.example.com localhost localhost.localdomain
not this:
~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain smtp.example.com
::1 localhost localhost.localdomain smtp.example.com
and definitely not this:
~]$ cat /etc/hosts
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
... or you can configure rDNS for 127.0.0.1 but that seems silly...just what hostname should a centralized rDNS server with? Indeed, it can't ;)
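The ordering point above comes down to one rule: the first name after an address in /etc/hosts is the canonical name that a reverse lookup of that address returns (assuming the usual nsswitch setup where files are consulted before DNS). Here is an added example (not from the answer) that parses the three /etc/hosts variants shown, reports which canonical name a 127.0.0.1 hop would be stamped with, and parses a Received header of the shape shown to pull out the rDNS token that SpamAssassin then reads. The hosts texts and the header are constructed to match the answer, with the highlighting asterisks removed.

```python
import re

# Constructed /etc/hosts variants, in the order the answer lists them.
HOSTS_GOOD = """\
127.0.0.1 smtp.example.com localhost localhost.localdomain
::1 smtp.example.com localhost localhost.localdomain
"""
HOSTS_BAD = """\
127.0.0.1 localhost localhost.localdomain smtp.example.com
::1 localhost localhost.localdomain smtp.example.com
"""
HOSTS_WORST = """\
127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain
"""

# Constructed Received header in the shape shown above (asterisks removed).
RECEIVED = ("Received: from smtp.example.com (localhost [127.0.0.1])\n"
            "\tby smtp.example.com (Postfix) with ESMTPA id A5F13FEF\n"
            "\tfor <example@example.com>; Wed, 26 May 2021 17:07:02 -0700 (PDT)")

# Postfix stamps "from <HELO name> (<rDNS name> [<ip>])".
RECEIVED_FROM = re.compile(
    r"from\s+(?P<helo>\S+)\s+\((?P<rdns>[^\s\[()]+)\s+\[(?P<ip>[^\]]+)\]\)")


def parse_hosts(text):
    """Return {ip: [names...]}; the first name listed for an ip is canonical."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2:
            table.setdefault(fields[0], []).extend(fields[1:])
    return table


def canonical_name(hosts_text, ip):
    """The name a reverse lookup of ip returns via the files backend, or None."""
    names = parse_hosts(hosts_text).get(ip, [])
    return names[0] if names else None


def loopback_hop_stamps_localhost(hosts_text):
    """True when a 127.0.0.1 hop would be recorded with 'localhost' as its rDNS,
    which is the situation that trips RDNS_NONE for mail looped through a filter."""
    name = canonical_name(hosts_text, "127.0.0.1")
    return name is None or name.startswith("localhost")


def parse_received(header):
    """Extract the HELO name, rDNS name and IP from a Postfix-style Received header."""
    m = RECEIVED_FROM.search(header)
    return m.groupdict() if m else None


if __name__ == "__main__":
    hop = parse_received(RECEIVED)
    print("header rDNS token:", hop["rdns"], "for", hop["ip"])
    for label, hosts in (("good", HOSTS_GOOD), ("bad", HOSTS_BAD), ("worst", HOSTS_WORST)):
        print(label, "->", canonical_name(hosts, "127.0.0.1"),
              "(triggers RDNS_NONE)" if loopback_hop_stamps_localhost(hosts) else "")
```

Only the first variant yields smtp.example.com for the loopback hop; the other two hand back localhost, which is exactly the token visible in the header above.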

difference between XMPP servername and XMPP servicename?

In Smack API, there is a configuration class for connection, described at this page
ConnectionConfiguration
I am confused about the distinction between service name and server name.
Suppose I have a computer named "mybox.mydomain.com", and I have ejabberd on it with a configured host called "myhost" (using the line {hosts, ["myhost"]}. in ejabberd.cfg),
what is the host name, server name and service name in this case?
myhost: service name (or XMPP domain)
mybox.mydomain.com: hostname and servername.
You can host an XMPP domain over any host, provided that you set the SRV records right in the DNS or if the client specifies to which host it is supposed to connect (like email).
Think of the JID you're using to log in, which contains username @ domain. The domain is the logical name of the service you are using. For some services, like jabber.org, the service is run on a box that has the same name as the service. For many others, like WebEx Connect and GoogleTalk, the service domain is a starting point to figure out where to open a socket to, but not the name of the machine. If everything is set up right, you can look up the name of the machine to connect to in the DNS using an SRV record. For example, using dig:
$ dig +short -t SRV _xmpp-server._tcp.gmail.com
20 0 5269 xmpp-server4.l.google.com.
20 0 5269 xmpp-server2.l.google.com.
20 0 5269 xmpp-server1.l.google.com.
5 0 5269 xmpp-server.l.google.com.
20 0 5269 xmpp-server3.l.google.com.
If the service domain is not configured correctly in the DNS, or you're just testing things out, it's often useful to be able to specify this connect host separately from the domain. So for your example, you would use:
ConnectionConfiguration("mybox.mydomain.com",
5222,
"myhost");
If you ever want this service to be accessed by people off of your network (either client-to-server or server-to-server), it would make sense to rename your service domain to be something fully-qualified, to which you can attach SRV records for those external entities to use.
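The step the answer describes between "service domain" and "machine to open a socket to" is the SRV resolution, and the dig output above shows why it is not just "take the first record": the record with priority 5 must be tried before the four priority-20 ones, and ties are broken by weight. Here is an added example (not from the answer, and not Smack's own resolver code) that parses `dig +short -t SRV` lines, orders the targets per RFC 2782 (lowest priority first; within a priority a weighted random draw with weight-0 entries placed first), and falls back to the service domain on the standard XMPP port when no SRV records exist, which is the situation in which you would hand Smack an explicit connect host. The SRV lookup is injected as a function; the dig output is the answer's, used here as constructed input.

```python
import random

# The dig output quoted in the answer, used as constructed input.
DIG_SRV_OUTPUT = """\
20 0 5269 xmpp-server4.l.google.com.
20 0 5269 xmpp-server2.l.google.com.
20 0 5269 xmpp-server1.l.google.com.
5 0 5269 xmpp-server.l.google.com.
20 0 5269 xmpp-server3.l.google.com.
"""


def parse_srv(text):
    """Parse `dig +short -t SRV` lines into (priority, weight, port, target)."""
    records = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        prio, weight, port, target = parts
        records.append((int(prio), int(weight), int(port), target.rstrip(".")))
    return records


def order_srv(records, rng=None):
    """RFC 2782 target selection. Returns [(target, port)] in the order a client
    should try them: ascending priority; within one priority a weighted random
    draw, with weight-0 records listed first so they are chosen only when the
    draw lands on 0 (or when every weight is 0, in which case order is random)."""
    rng = rng or random.Random()
    ordered = []
    for prio in sorted({r[0] for r in records}):
        group = [r for r in records if r[0] == prio]
        rng.shuffle(group)                       # arbitrary initial arrangement
        group.sort(key=lambda r: r[1] != 0)      # stable: weight 0 first
        while group:
            pick = rng.randint(0, sum(r[1] for r in group))
            running = 0
            for i, rec in enumerate(group):
                running += rec[1]
                if running >= pick:
                    ordered.append(group.pop(i))
                    break
    return [(target, port) for _, _, port, target in ordered]


def xmpp_connect_candidates(service_domain, srv_lookup, server_to_server=False, rng=None):
    """Hosts to try for the XMPP service `service_domain`. Uses _xmpp-client or
    _xmpp-server SRV records; with none published, falls back to the service
    domain itself on the standard port (5222 c2s, 5269 s2s)."""
    label = "_xmpp-server._tcp." if server_to_server else "_xmpp-client._tcp."
    default_port = 5269 if server_to_server else 5222
    records = srv_lookup(label + service_domain)
    if not records:
        return [(service_domain, default_port)]
    return order_srv(records, rng)


if __name__ == "__main__":
    gmail = parse_srv(DIG_SRV_OUTPUT)

    def fake_lookup(name):          # constructed stand-in for a DNS SRV query
        return gmail if name == "_xmpp-server._tcp.gmail.com" else []

    print(xmpp_connect_candidates("gmail.com", fake_lookup, server_to_server=True))
    print(xmpp_connect_candidates("myhost", fake_lookup))   # no SRV: ("myhost", 5222)
```

The fallback branch is the asker's case: "myhost" has no SRV records and is not even a resolvable name, so a client would try to connect to "myhost":5222 and fail; that is why the answer passes "mybox.mydomain.com" as the connect host and keeps "myhost" only as the service name.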