Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| email:dns [2025/03/05 20:08] – willy | email:dns [2025/03/06 10:22] (current) – [SPF record] willy | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Email related DNS records ====== | ====== Email related DNS records ====== | ||
| + | The DNS (Domain Name Service) plays a critical role in email delivery. You need to create a set of DNS records to make sure that your email can be delivered and that email can be delivered to you as well. | ||
| + | The basic record to setup is the MX record, which tells the email servers //which server(s)// handle email for your domain. | ||
| + | |||
| + | This page will make a general overview of all the needed records, more details are presented in each configuration section later on. | ||
| + | |||
| + | Please __note__ that you will need **more** that the records defined in this page for a domain to operate properly: this is only for email. | ||
| + | |||
| + | |||
| + | ===== Reverse DNS ===== | ||
| + | |||
| + | A reverse DNS setup is how you translate an IP to a DNS name. This is the // | ||
| + | |||
| + | This is important to be properly set, and is usually defined aside from your actual DNS management panel of your provider. | ||
| + | |||
| + | If you cannot set it, some providers don't support it, it's ok. Better set it up, if possible. When set, it will help email deliverability. | ||
| + | |||
| + | |||
| + | ===== MX record ===== | ||
| + | |||
| + | An **MX** record (mandatory) tells who manages emails for your domain. You can have more than one, to build a chain of backup servers, but that is outside the scope of this guide. I assume your MX record points to **mail.mydomain.com**. | ||
| + | |||
| + | Please note that this implies as well the existence of an **A** record for // | ||
| + | |||
| + | Example: | ||
| < | < | ||
| - | mydomain.com._domainkey. | + | mail.mydomain.com. |
| + | webmail.mydomain.com. mail.mydomain.com. | ||
| + | @ 10 mail.mydomain.com. 3600 MX | ||
| + | </ | ||
| + | |||
| + | |||
| + | ===== SPF record ===== | ||
| + | |||
| + | For SPF to work, you need to setup a proper TXT record like the following: | ||
| + | < | ||
| + | @ v=spf1 mx a -all 3600 TXT | ||
| + | </ | ||
| + | |||
| + | |||
| + | ===== DKIM record ===== | ||
| + | |||
| + | The DKIM record contains the public part of your domain DKIM keys: | ||
| + | < | ||
| + | mydomain.com._domainkey. " | ||
| + | </ | ||
| + | |||
| + | In the above example //<< mykey >>// is a very long random characters string. | ||
| + | |||
| + | |||
| + | ===== DMARC record ===== | ||
| + | |||
| + | The DMARC record is used to publish your domain DMARC strategy | ||
| + | < | ||
| + | _dmarc.mydomain.com. " | ||
| _smtp_tls.mydomain.com. """ | _smtp_tls.mydomain.com. """ | ||
| - | webmail.mydomain.com. external.mydomain.com. 3600 CNAME | + | </ |
| - | _imaps._tcp.mail.mydomain.com. 0 1 993 mail.mydomain.com. 3600 SRV | + | |
| - | _submissions._tcp.mail.mydomain.com. 0 1 465 mail.mydomain.com. 3600 SRV | + | |
| - | _imap._tcp.mail.mydomain.com. 0 1 143 mail.mydomain.com. 3600 SRV | + | ===== Discoverability records ===== |
| - | _submission._tcp.mail.mydomain.com. 0 1 587 mail.mydomain.com. 3600 SRV | + | |
| - | mail.mydomain.com. 111.111.111.111 1800 A | + | The following set of SRV records facilitate mail clients to discover your IMAP and SMTP servers: |
| - | _dmarc.mydomain.com. """ | + | < |
| - | mx1.mydomain.com. 111.111.111.111 1800 A | + | _imaps._tcp.mail.mydomain.com. 0 1 993 mail.mydomain.com. 3600 SRV |
| - | @ """ | + | _submissions._tcp.mail.mydomain.com. 0 1 465 mail.mydomain.com. 3600 SRV |
| - | @ 10 mail.mydomain.com. 3600 MX | + | _imap._tcp.mail.mydomain.com. 0 1 143 mail.mydomain.com. 3600 SRV |
| - | @ 111.111.111.111 1800 A | + | _submission._tcp.mail.mydomain.com. 0 1 587 mail.mydomain.com. 3600 SRV |
| </ | </ | ||