>>>>> "Bob" == Bob Proulx <b...@proulx.com> writes:
Bob> What's the best configuration for a web server that does not Bob> receive mail but needs to send mail? Password resets. Bug Bob> ticket update notifications. That type of email. (Plus admin Bob> mail such as cron output to root. But I can ensure that is Bob> delivered to me and read.) But the host never needs to receive Bob> email from the public. Just outgoing. Is this about what you Bob> would think too? I would push all the email to the mailserver for the domain served by that web server and let it deal with this issue. Make the client (web server) only send emails through the mail gateway which is setup properly. No need to replicate the pain again and again for individual servers. Bob> o SPF configured Bob> o DKIM configured Bob> o DMARC set as p=none Bob> o No MX records Bob> o inet_interfaces = loopback-only Bob> But some mail configuration testing sites (such as mail-tester.com) Bob> flag sites that send but do not have an MX record for receiving mail. Bob> Presumably because there is no way for a separate bounce notification Bob> message to be sent, even if that isn't desirable. But a reject at Bob> SMTP time is always available. Bob> Strategy wise is an MX record now a required thing for sending mail Bob> like some test sites say? If so then I should set up one. And Bob> arrange for some system somewhere, perhaps this one but probably a Bob> different one, to receive incoming mail for it. But with what Bob> configuration? A catchall that accepts and silently discards all Bob> incoming mail perhaps so as to pass sender address verification? Bob> I am lost at sea thinking of this possible requirement for hosts that Bob> do sender address verification types of things. I would appreciate Bob> any wisdom that might be shared here with regards to a strategy for Bob> this type of web site system. Bob> Thanks! Bob> Bob