On Wed, Mar 07, 2018 at 01:15:27PM +1100, Nic Baxter wrote:
> I host a number of domains on a Centos 7 VPS. Now I am setting up a VPS with
> only one domain hosted. I am trying to get my head around issues with naming
> especially regarding RDNS and a mail server. Should I name the server
> host.domain.com or just domain.com?

The domain itself needs, at minimum, an SOA record, two or more NS records,
and an MX record.

The MX record has to point to an A record, **NOT** an IP address or CNAME. If
the domain isn't supposed to accept mail give it an MX record like:

    @ IN MX 10 does-not-accept-mail

with the A record being something like this to cause an immediate bounce back
to the sender

    does-not-accept-mail IN A 127.0.0.1

The NS records also have to point to an A record. They can be in your domain,
or in your DNS hosting provider's domain, or both.

The domain may also have an A record. IMO, it should have one, and it should
be the same as the primary web site, so that http://example.com/ works the
same as e.g. http://www.example.com/ - your web server should be configured to
accept both, and preferably redirect to the canonical name. It doesn't really
matter which you prefer (with or without the www.) as long as you use the same

You probably want separate "hostnames" (A records) for mail & www even if they
all point to the same IP address. This will make it easier to move either or
both of those services later if it ever becomes necessary.

So the minimal zone file would look something like:

    @       IN SOA  example.com. hostmaster.example.com. (
                    2018030701 ; Serial
                    10800      ; Refresh - 3 hours
                    1800       ; Retry - 30 minutes
                    604800     ; Expire - 7 Days
                    43200 )    ; Minimum - 12 hours

            IN NS   ns1.yourisp.example.net.
            IN NS   ns2.yourisp.example.net.
            IN MX   10 mail
            IN A    ip.ip.ip.ip

    www     IN A    ip.ip.ip.ip
    mail    IN A    ip.ip.ip.ip

Note that none of the hostnames in the domain have a trailing dot. That's so
they get $ORIGIN auto-appended.

BTW, having a matching reverse-DNS entry for the MX record's hostname is nice,
and definitely worth doing if you can, but it's not necessary. Very few mail
servers reject mail because of something trivial like that - it's not common
these days for people to have any control over the .in-addr.arpa zones for the
tiny subnets they get allocated by their ISP.

craig sanders <c...@taz.net.au>
luv-main mailing list