Differences

This shows you the differences between two versions of the page.

--- email:dns [2025/03/05 19:58] – created willy
+++ email:dns [2025/03/06 10:22] (current) – [SPF record] willy
@@ Line 1: / Line 1: @@
 ====== Email related DNS records ======
+The DNS (Domain Name Service) plays a critical role in email delivery. You need to create a set of DNS records to make sure that your email can be delivered and that email can be delivered to you as well.
+The basic record to setup is the MX record, which tells the email servers //which server(s)// handle email for your domain.
+This page will make a general overview of all the needed records, more details are presented in each configuration section later on.
+Please __note__ that you will need **more** that the records defined in this page for a domain to operate properly: this is only for email.
+===== Reverse DNS =====
+A reverse DNS setup is how you translate an IP to a DNS name. This is the //opposite// of DNS, where you translate a domain to an IP.
+This is important to be properly set, and is usually defined aside from your actual DNS management panel of your provider.
+If you cannot set it, some providers don't support it, it's ok. Better set it up, if possible. When set, it will help email deliverability.
+===== MX record =====
+An **MX** record (mandatory) tells who manages emails for your domain. You can have more than one, to build a chain of backup servers, but that is outside the scope of this guide. I assume your MX record points to **mail.mydomain.com**.
+Please note that this implies as well the existence of an **A** record for //mail.mydomain.com//.
+Example:
 <code>
-r._domainkey.mydomain.com.	"""v=DKIM1; k=rsa; h=sha256; p=<key>"""	3600	TXT
+mail.mydomain.com.    x.y.w.z	            1800 A
-e._domainkey.mydomain.com.	"""v=DKIM1; k=ed25519; h=sha256; p=<key>="""	3600	TXT
+webmail.mydomain.com. mail.mydomain.com.    1800 CNAME
+@	              10 mail.mydomain.com. 3600 MX
+</code>
+===== SPF record =====
+For SPF to work, you need to setup a proper TXT record like the following:
+<code>
+@	v=spf1 mx a -all 3600 TXT
+</code>
+===== DKIM record =====
+The DKIM record contains the public part of your domain DKIM keys:
+<code>
+mydomain.com._domainkey. "v=DKIM1; k=rsa; p=<< mykey >>" 3600 TXT
+</code>
+In the above example //<< mykey >>// is a very long random characters string.
+===== DMARC record =====
+The DMARC record is used to publish your domain DMARC strategy
+<code>
+_dmarc.mydomain.com. "v=DMARC1; p=reject; rua=mailto:postmaster@mydomain.com;" 3600 TXT
 _smtp_tls.mydomain.com.	"""v=TLSRPTv1; rua=mailto:postmaster@mydomain.com"""	3600	TXT
-webmail.mydomain.com.	external.mydomain.com.	3600	CNAME
+</code>
-_imaps._tcp.mail.mydomain.com.	0 1 993 mail.mydomain.com.	3600	SRV
-_submissions._tcp.mail.mydomain.com.	0 1 465 mail.mydomain.com.	3600	SRV
-_imap._tcp.mail.mydomain.com.	0 1 143 mail.mydomain.com.	3600	SRV
+===== Discoverability records =====
-_submission._tcp.mail.mydomain.com.	0 1 587 mail.mydomain.com.	3600	SRV
-mail.mydomain.com.	111.111.111.111	1800	A
+The following set of SRV records facilitate mail clients to discover your IMAP and SMTP servers:
-_dmarc.mydomain.com.	"""v=DMARC1; p=reject; rua=mailto:postmaster@mydomain.com; ruf=mailto:postmaster@mydomain.com"""	3600	TXT
+<code>
-mx1.mydomain.com.	111.111.111.111	1800	A
+_imaps._tcp.mail.mydomain.com. 0 1 993 mail.mydomain.com. 3600 SRV
-@	"""v=spf1 mx ra=postmaster -all"""	3600	TXT
+_submissions._tcp.mail.mydomain.com. 0 1 465 mail.mydomain.com. 3600 SRV
-@	10 mail.mydomain.com.	3600	MX
+_imap._tcp.mail.mydomain.com. 0 1 143 mail.mydomain.com. 3600 SRV
-@	111.111.111.111	1800	A
+_submission._tcp.mail.mydomain.com. 0 1 587 mail.mydomain.com. 3600 SRV
 </code>

Willy's Wiki

User Tools

Differences