User Panel
User Panel
User Panel
|
Posted: 1/21/2021 12:10:51 AM EDT
[#1]
DNS MX records contain the info about where mail for a domain is sent. You can point those records where you want.
So you want domain.com e-mail to be handled by the host mail.domain.com. Set the MX record to specify that. Make sure your e-mail client sets Reply-To the way you want. |
|
|
|
Posted: 1/21/2021 12:32:59 AM EDT
[#2]
Quote HistoryQuoted: DNS MX records contain the info about where mail for a domain is sent. You can point those records where you want. So you want domain.com e-mail to be handled by the host mail.domain.com. Set the MX record to specify that. Make sure your e-mail client sets Reply-To the way you want. So, then how does SSL via something like Lets Encrypt work? Will it matter if url.com and mail.url.com live on different VPS? |
|
|
|
Posted: 1/21/2021 12:42:21 AM EDT
[#3]
Thats where a wildcard ssl comes into play. Wildcards are *.url.com, meaning they can cover anything and every that is before your domain. you'd use a wild card for url.com, then the wildcard for mail.url.com, or dev.url.com, etc
Youd need to install the wildcard on various servers still, like it doesnt auto pick it up. If you were using lets say apache to host your website, youd have to install the ssl on the server and make sure your config files pointed to it. Also if you used a system that runs proxies such as haproxy or nginx youd have to point those config files to the ssl. Then if you ran a mail system (for brevity lets just say exchange) the ssl would need to be on that server and set up for it. If its a simple system with one server, its mainly just pointing config files to the ssl. |
|
|
|
Posted: 1/21/2021 12:42:42 AM EDT
[#4]
You're setting up two different services. They operate independently. SSL for web is unaffected by mail things. The SSL cert matches up to webserver.domain.com, and its IP address.
Setting up mail is separate, even the certs. |
|
|
|
Posted: 1/21/2021 12:50:45 AM EDT
[#5]
Quote HistoryQuoted: You're setting up two different services. They operate independently. SSL for web is unaffected by mail things. The SSL cert matches up to webserver.domain.com, and its IP address. Setting up mail is separate, even the certs. Could do individual certs, but a wildcard cert was pretty much designed for this case of scenarios. |
|
|
|
Posted: 1/21/2021 12:57:57 AM EDT
[#6]
Quote HistoryQuoted: Could do individual certs, but a wildcard cert was pretty much designed for this case of scenarios. Quote HistoryQuoted: Quoted: You're setting up two different services. They operate independently. SSL for web is unaffected by mail things. The SSL cert matches up to webserver.domain.com, and its IP address. Setting up mail is separate, even the certs. Could do individual certs, but a wildcard cert was pretty much designed for this case of scenarios. Yup. I was focused more on his last sentence ("I know I can create a subdomain (mail.url.com) and point that to the new VPS, but wouldn't that give me an email address of [email protected] instead of [email protected]?") when I started responding. |
|
|
|
Posted: 1/21/2021 12:59:58 AM EDT
[#7]
So as far as DNS goes a CNAME record of mail.url.com would point to the mail server vps and then an mx record would point to mail.url.com?
|
|
|
|
Posted: 1/21/2021 1:10:44 AM EDT
[#8]
*read wrong lol. Brain getting old these days.
Edited due to old eyes, old brain |
|
|
|
Posted: 1/21/2021 1:17:40 AM EDT
[#9]
Quote HistoryQuoted: Yup. I was focused more on his last sentence ("I know I can create a subdomain (mail.url.com) and point that to the new VPS, but wouldn't that give me an email address of [email protected] instead of [email protected]?") when I started responding. Typed out a long response and my wife pointed out im getting old and sleepy as i read this wrong. Lol. Makes sense! |
|
|
|
Posted: 1/21/2021 1:18:12 AM EDT
[#10]
Quote HistoryQuoted: Could do individual certs, but a wildcard cert was pretty much designed for this case of scenarios. I THINK virtualmin doesn't support Wildcard certificates for it's automatic update functionality, so I might be better off just using two certs if I can do it that way. That way, I can let Virtualmin handle updating the certs. |
|
|
|
Posted: 1/21/2021 1:24:40 AM EDT
[#11]
Quote HistoryQuoted: So as far as DNS goes a CNAME record of mail.url.com would point to the mail server vps and then an mx record would point to mail.url.com? Close, cname wouldnt be a good fit since you'd also need mx records. Id use an A record to point to mail server vps and then the mx record. It well past going to sleep here, so ill double check myself in the morning, but VIM can probably chime in and get you on the right path if my tiredness isnt correct |
|
|
|
Posted: 1/21/2021 1:31:46 AM EDT
[#12]
Quote HistoryQuoted: Close, cname wouldnt be a good fit since you'd also need mx records. Id use an A record to point to mail server vps and then the mx record. It well past going to sleep here, so ill double check myself in the morning, but VIM can probably chime in and get you on the right path if my tiredness isnt correct Quote HistoryQuoted: Quoted: So as far as DNS goes a CNAME record of mail.url.com would point to the mail server vps and then an mx record would point to mail.url.com? Close, cname wouldnt be a good fit since you'd also need mx records. Id use an A record to point to mail server vps and then the mx record. It well past going to sleep here, so ill double check myself in the morning, but VIM can probably chime in and get you on the right path if my tiredness isnt correct Nah, you got it. I'd do A and MX records. |
|
|
|
Posted: 1/21/2021 2:37:41 AM EDT
[#13]
As I think through this, if my mail server has a domain of mail.url.com won't my mail client, by default, probably try to send email as [email protected] instead of [email protected]?
How do remedy this? Just change the "From" settings? Won't each user have to do this in their email client? That seems like it would create all kinds of problems if you set up email accounts for other users. For example, Joe might configure his mail client, and start sending the mail as [email protected] but if Jane forgets to, she would be sending email as Jane@mail.url.com. Unless I am missing something here (I probably am). How do I force email to be sent as [email protected] instead of [email protected] (which is the A record for the mail server box). |
|
|
|
Posted: 1/21/2021 5:27:15 AM EDT
[#14]
Keep in mind that Digital Ocean is EXTREMELY spam friendly, and routinely gets firewalled by pissed off mail admins.
Take a look at their listings on Spamhaus.... https://www.spamhaus.org/sbl/listings/digitalocean.com |
|
|
|
Posted: 1/21/2021 9:22:56 AM EDT
[#15]
Quote HistoryQuoted: As I think through this, if my mail server has a domain of mail.url.com won't my mail client, by default, probably try to send email as [email protected] instead of [email protected]? How do remedy this? Just change the "From" settings? Won't each user have to do this in their email client? That seems like it would create all kinds of problems if you set up email accounts for other users. For example, Joe might configure his mail client, and start sending the mail as [email protected] but if Jane forgets to, she would be sending email as Jane@mail.url.com. Unless I am missing something here (I probably am). How do I force email to be sent as [email protected] instead of [email protected] (which is the A record for the mail server box). So the mail.url.com the name of your mail server, not the name of your email address. Mx records will just tell it "hey this traffic is mail its handled by: mail.url.com" the mail server itself is configured in what to handle, inside the mail server itself is where you attach domains. For example, we have one exchange server, it resides at mail.url.com. In the exchange settings we have @url.com set up for the email, and in some parts of the company we have @url2, or @url3 depending on what division they fall in. All that is handled in the mail server itself. |
|
|
|
Posted: 1/21/2021 9:27:08 AM EDT
[#16]
Quote HistoryQuoted: So the mail.url.com the name of your mail server, not the name of your email address. Mx records will just tell it "hey this traffic is mail its handled by: mail.url.com" the mail server itself is configured in what to handle, inside the mail server itself is where you attach domains. For example, we have one exchange server, it resides at mail.url.com. In the exchange settings we have @url.com set up for the email, and in some parts of the company we have @url2, or @url3 depending on what division they fall in. All that is handled in the mail server itself. So the MX record makes sure that email addressed to @url.com will reach my mail server at mail.url.com? Somewhere in the mail server configuration, I have to tell it to receive mail for @url.com, instead of @mail.url.com? |
|
|
|
Posted: 1/21/2021 9:47:16 AM EDT
[#17]
Quote HistoryQuoted: Keep in mind that Digital Ocean is EXTREMELY spam friendly, and routinely gets firewalled by pissed off mail admins. Take a look at their listings on Spamhaus.... https://www.spamhaus.org/sbl/listings/digitalocean.com I say it in every email thread. If you have to ask pay for email. I've done operations for email service providers and wouldn't want to run my own. It's a pain to do right, and your IP reputation is going to be garbage. Hell, even goatboy has his issues. |
|
|
|
Posted: 1/21/2021 10:54:58 AM EDT
[#18]
Quote HistoryQuoted: I say it in every email thread. If you have to ask pay for email. I've done operations for email service providers and wouldn't want to run my own. It's a pain to do right, and your IP reputation is going to be garbage. Hell, even goatboy has his issues. People said the same thing about hosting websites... Then people end up getting horrific shared hosting... Isn't using something like Sendgrid/Mailgun/Whatever to handle the outgoing a good fix for the IP reputation aspect? |
|
|
|
Posted: 1/21/2021 2:36:43 PM EDT
[#19]
Quote HistoryQuoted: People said the same thing about hosting websites... Then people end up getting horrific shared hosting... Isn't using something like Sendgrid/Mailgun/Whatever to handle the outgoing a good fix for the IP reputation aspect? Quote HistoryQuoted: Quoted: I say it in every email thread. If you have to ask pay for email. I've done operations for email service providers and wouldn't want to run my own. It's a pain to do right, and your IP reputation is going to be garbage. Hell, even goatboy has his issues. People said the same thing about hosting websites... Then people end up getting horrific shared hosting... Isn't using something like Sendgrid/Mailgun/Whatever to handle the outgoing a good fix for the IP reputation aspect? Most of the ESP's in my opinion are simply spammers for hire. My 2 cents is that if you want the best chance for your mails to go through, find a provider that isn't listed on Spamhaus. Most of the big mega hosting outfits are lazy and stop caring about abuse@ reports, and end up getting large chunks of their network firewalled off. |
|
|
|
Posted: 1/21/2021 4:05:11 PM EDT
[#20]
Quote HistoryQuoted: Most of the ESP's in my opinion are simply spammers for hire. My 2 cents is that if you want the best chance for your mails to go through, find a provider that isn't listed on Spamhaus. Most of the big mega hosting outfits are lazy and stop caring about abuse@ reports, and end up getting large chunks of their network firewalled off. So when IPs are blacklisted, are these the result of somebody just blacklisting an entire Subnet (say the one belonging to Vultr/Digital Ocean)? Or somebody actually use that specific IP Address and sending spam from it? Couldn't you just play round-robin with your VPS provider until you get an IP address that isn't blacklisted? As in, just keep rolling the dice and checking the IP they give you until you finally get given one that isn't? Or are all of Digital Oceans (Or Linodes or Vultrs, or whoevers) IPs going to be blacklisted? |
|
|
|
Posted: 1/22/2021 12:16:08 AM EDT
[#21]
Quote HistoryQuoted: So when IPs are blacklisted, are these the result of somebody just blacklisting an entire Subnet (say the one belonging to Vultr/Digital Ocean)? Or somebody actually use that specific IP Address and sending spam from it? Couldn't you just play round-robin with your VPS provider until you get an IP address that isn't blacklisted? As in, just keep rolling the dice and checking the IP they give you until you finally get given one that isn't? Or are all of Digital Oceans (Or Linodes or Vultrs, or whoevers) IPs going to be blacklisted? Depends entirely on who is running it. It may be the specific IP or maybe a /24 or maybe every block you own. When I did email we had to rotate through entire IP blocks at times because of issues with blacklists. Good luck having access to multiple IP blocks in good standing. Your best bet is to find a email provider that handles SMB and doesn't touch bulk mailing. |
|
|
|
Posted: 1/22/2021 12:22:30 AM EDT
[#22]
Quote HistoryQuoted: So when IPs are blacklisted, are these the result of somebody just blacklisting an entire Subnet (say the one belonging to Vultr/Digital Ocean)? Or somebody actually use that specific IP Address and sending spam from it? Couldn't you just play round-robin with your VPS provider until you get an IP address that isn't blacklisted? As in, just keep rolling the dice and checking the IP they give you until you finally get given one that isn't? Or are all of Digital Oceans (Or Linodes or Vultrs, or whoevers) IPs going to be blacklisted? 1. Depends on the blacklist. Some are very conservative, some are very aggressive. On my own mail server, I get sick of playing whack-a-mole, and I start firewalling large netblocks. The more an ISP pisses me off with spam attempts, the more aggressive I get. Eventually I declare them to be "firewall bait" and I pre-emptively take out all known netblocks they own. DO is in that category on my server. 2. Some VPS's may allow you to change your IP easily. Most do not as far as I know. And low reputation providers tend to get blocked whole sale for moving spammers around. If you live in a "slum", don't expect the pizza guy to deliver to you, even if you move a few apartments over. |
|
|
Win a FREE Membership!
Sign up for the ARFCOM weekly newsletter and be entered to win a free ARFCOM membership. One new winner* is announced every week!
You will receive an email every Friday morning featuring the latest chatter from the hottest topics, breaking news surrounding legislation, as well as exclusive deals only available to ARFCOM email subscribers.
AR15.COM is the world's largest firearm community and is a gathering place for firearm enthusiasts of all types.
From hunters and military members, to competition shooters and general firearm enthusiasts, we welcome anyone who values and respects the way of the firearm.
Subscribe to our monthly Newsletter to receive firearm news, product discounts from your favorite Industry Partners, and more.
Copyright © 1996-2024 AR15.COM LLC. All Rights Reserved.
Any use of this content without express written consent is prohibited.
AR15.Com reserves the right to overwrite or replace any affiliate, commercial, or monetizable links, posted by users, with our own.
