In article you write:
>> X.TLD IN MX 10 mail.example.com.
>>
>> is perfectly valid, and quite common for people who don't host their own
>> e-mail.
>
>Okay, but for now each domain will have its one mail server.
If you have one host
MX records cannot point to an IP address. try this:
x.tld MX 10 x.tld.
--
William Brown
Messaging Team
Technology Services, WNYRIC, Erie 1 BOCES
(716) 821-7285
"bind-users" wrote on 08/23/2017
03:28:12 PM:
> From: Tom Browder
On Wed, Aug 23, 2017 at 2:58 PM, John Miller wrote:
> Hi Tom,
>
> You'll want to change your MX records to point to the name, rather
> than the IP, of your mail server. Note that your MX target does _not_
> have to be in the same domain as the one it's serving mail for.
On 08/23/2017 02:59 PM, Tom Browder wrote:
Based on all the comments, I've modified the OP list to this:
# For each domain X.TLD:
X.TLD. IN A 142.54.186.2.
*.X.TLD.IN CNAME X.TLD.
X.TLD. IN MX10 X.TLD.
X.TLD. IN TXT "v=spf1 mx
On 08/23/2017 01:58 PM, John Miller wrote:
Finally, be _very_ careful about using the SPF qualifier "-all" to
start out with. What you're saying there is that the only server
authorized to _send_ mail for X.TLD is the one listed in the MX.
Unless people are always logging directly into the mail
On Wed, Aug 23, 2017 at 17:32 Grant Taylor via bind-users <
bind-users@lists.isc.org> wrote:
...
> I would encourage you to contemplate adding DNSSEC support. DNSSEC will
> enable multiple other options down the road.
I plan to do all that, including running my own nameservers with bind. But
Am 23.08.2017 um 21:58 schrieb John Miller:
Finally, be _very_ careful about using the SPF qualifier "-all" to
start out with. What you're saying there is that the only server
authorized to _send_ mail for X.TLD is the one listed in the MX.
Unless people are always logging directly into the
Am 23.08.2017 um 22:59 schrieb Tom Browder:
On Wed, Aug 23, 2017 at 2:28 PM, Tom Browder wrote:
...
I have a single remote server with one IP address (142.54.186.2) I am using
it to host multiple, independent domains. I am working on configuring a
single postfix
On 08/23/2017 01:28 PM, Tom Browder wrote:
Given such a configuration described in the first paragraph, does the
following set of DNS records for a domain look look appropriate:
# For each domain X.TLD:
X.TLD. INA 142.54.186.2.
*.X.TLD.IN CNAME X.TLD.
On 08/23/2017 05:47 PM, Reindl Harald wrote:
arrakis.thelounge.net. 86399 IN SPF "v=spf1 a
ip4:91.118.73.0/24 ip4:95.129.202.170 -all"
prometheus.thelounge.net. 86399 IN SPF "v=spf1 a
ip4:91.118.73.0/24 ip4:95.129.202.170 -all"
otherwise only @example.com *itself* is
On 08/23/2017 07:31 PM, bind-us...@gtaylor.tnetconsulting.net wrote:
I think that it may be possible for someone to publish a PTR record in
their IP space that reverse resolves to a name of one of your MX
servers. There by allowing their bogus server to send email as you.
It is conceptually
On Wed, Aug 23, 2017 at 17:25 Alan Clegg wrote:
> Now you broke the A record. Get rid of the trailing dot.
>
Done.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from this list
bind-users mailing
Am 24.08.2017 um 03:31 schrieb bind-us...@gtaylor.tnetconsulting.net:
On 08/23/2017 05:47 PM, Reindl Harald wrote:
arrakis.thelounge.net. 86399 IN SPF "v=spf1 a
ip4:91.118.73.0/24 ip4:95.129.202.170 -all"
prometheus.thelounge.net. 86399 IN SPF "v=spf1 a
On 08/23/2017 07:50 PM, Reindl Harald wrote:
> which means again: additional dns lookups while ip-adresses and ranges
> are done with a single lookup
Yes, it does mean additional lookups, which there are a finite number of.
> besides it's not true because SPF has nothing to do with PTR and they
Hi All
I am running a bind 9.9.4-50 resolver on CentOS 7 (kernel
3.10.0-514.26.2.el7.x86_64). I have enabled dnssec and made it into a
validating resolver but I am facing issues with some sites that use CNAME and
getting SERVFAIL. Configs are pretty simple as given below:
**configs
options {
This has nothing to do with BIND, but anyway.
In article you write:
>I would personally try to use -all for new domains from the word go.
Only if you want your mail to mysteriously disappear. There are a lot
of perfectly legitimate ways to
On 08/23/2017 08:26 PM, John Levine wrote:
> Only if you want your mail to mysteriously disappear. There are a lot
> of perfectly legitimate ways to send and route mail that SPF cannot
> describe. Unless your name is Paypal or you are otherwise a giant
> phish target, -all is not want you want.
Hi Tom,
You'll want to change your MX records to point to the name, rather
than the IP, of your mail server. Note that your MX target does _not_
have to be in the same domain as the one it's serving mail for. For
example:
X.TLD IN MX 10 mail.example.com.
is perfectly valid, and quite
On Wed, Aug 23, 2017 at 2:28 PM, Tom Browder wrote:
...
> I have a single remote server with one IP address (142.54.186.2) I am using
> it to host multiple, independent domains. I am working on configuring a
> single postfix instance to serve mail for all domains (assuming
On Wed, Aug 23, 2017 at 2:54 PM, Alan Clegg wrote:
> MX record needs a name and not an IP address. Beyond that, seems fine.
Thanks, Alan.
-Tom
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
from
On Wed, Aug 23, 2017 at 14:54 McDonald, Daniel (Dan)
wrote:
>
> I don’t believe you can use an IP address in an MX record. You should use
> X.TLD instead, or more likely whatever the main address of the server is
> (whatever the reverse address resolves to)'
...
On Wed, Aug 23, 2017 at 3:01 PM, wrote:
> MX records cannot point to an IP address. try this:
>
> x.tld MX 10 x.tld.
Thanks, William!
-Tom
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
I have a single remote server with one IP address (142.54.186.2) I am using
it to host multiple, independent domains. I am working on configuring a
single postfix instance to serve mail for all domains (assuming I can
successfully rewrite appropriate parts of mail in and out).
>From referring to
23 matches
Mail list logo