
On Wed, Mar 07, 2018 at 01:15:27PM +1100, Nic Baxter wrote:
> I host a number of domains on a CentOS 7 VPS. Now I am setting up a VPS
> with only one domain hosted. I am trying to get my head around issues
> with naming especially regarding RDNS and a mail server. Should I name
> the server host.domain.com or just domain.com?

The domain itself needs, at minimum, an SOA record, two or more NS records,
and an MX record.

The MX record has to point to an A record, **NOT** an IP address or CNAME.

If the domain isn't supposed to accept mail give it an MX record like:

@                     IN MX 10 does-not-accept-mail

with the A record being something like this to cause an immediate bounce
back to the sender

does-not-accept-mail  IN A     127.0.0.1

The NS records also have to point to an A record. They can be in your
domain, or in your DNS hosting provider's domain, or both.

The domain may also have an A record. IMO, it should have one, and it
should be the same as the primary web site, so that http://example.com/
works the same as e.g. http://www.example.com/ - your web server should be
configured to accept both, and preferably redirect to the canonical name.
It doesn't really matter which you prefer (with or without the www.) as
long as you use the same one consistently.

You probably want separate "hostnames" (A records) for mail & www even if
they all point to the same IP address. This will make it easier to move
either or both of those services later if it ever becomes necessary.

So the minimal zone file would look something like:

$ORIGIN example.com.
$TTL 86400
@       IN SOA  example.com. hostmaster.example.com. (
                2018030701 ; Serial
                10800      ; Refresh - 3 hours
                1800       ; Retry - 30 minutes
                604800     ; Expire - 7 Days
                43200 )    ; Minimum - 12 hours

        IN NS    ns1.yourisp.example.net.
        IN NS    ns2.yourisp.example.net.
        IN MX 10 mail
        IN A     ip.ip.ip.ip

www     IN A     ip.ip.ip.ip
mail    IN A     ip.ip.ip.ip

Note that none of the hostnames in the domain have a trailing dot. That's
so they get $ORIGIN auto-appended.

BTW, having a matching reverse-DNS entry for the MX record's hostname is
nice, and definitely worth doing if you can, but it's not necessary. Very
few mail servers reject mail because of something trivial like that - it's
not common these days for people to have any control over the .in-addr.arpa
zones for the tiny subnets they get allocated by their ISP.

craig

-- 
craig sanders <cas@taz.net.au>
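
The checks described in the reply above (two or more NS records, an MX record, and MX targets that are A records rather than IP addresses or CNAMEs) can be run offline against a zone file before it is published. This is an added example, not part of the original message; the function names and the sample zone are constructed for illustration, and the parser assumes one-line `owner IN TYPE rdata` records.

```python
import ipaddress
# Constructed sample zone: MX 10 is correct, MX 20 is an IP literal, MX 30 is a CNAME.
SAMPLE_ZONE = """\
$ORIGIN example.com.
@      IN NS    ns1.yourisp.example.net.
@      IN NS    ns2.yourisp.example.net.
@      IN MX 10 mail
@      IN MX 20 192.0.2.25
@      IN MX 30 alias
mail   IN A     192.0.2.10
alias  IN CNAME mail
"""

def fqdn(name, origin):
    """Expand '@' and relative names the way $ORIGIN auto-append does."""
    if name == "@":
        return origin
    return name.lower() if name.endswith(".") else f"{name.lower()}.{origin}"

def check_mail_dns(zone_text):
    """Return a list of problems; other line shapes (e.g. multi-line SOA) are skipped."""
    origin, by_type = "", {}
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop comments, split on whitespace
        if len(fields) >= 2 and fields[0].upper() == "$ORIGIN":
            origin = fields[1].lower()
        elif len(fields) >= 4 and fields[1].upper() == "IN":
            by_type.setdefault(fields[2].upper(), []).append(
                (fqdn(fields[0], origin), fields[3:]))
    a_owners = {owner for owner, _ in by_type.get("A", [])}
    cname_owners = {owner for owner, _ in by_type.get("CNAME", [])}
    problems = []
    if len(by_type.get("NS", [])) < 2:
        problems.append("fewer than two NS records")
    if not by_type.get("MX"):
        problems.append("no MX record")
    for _, rdata in by_type.get("MX", []):
        target = rdata[-1]  # rdata is [preference, exchange]
        try:
            ipaddress.ip_address(target)
        except ValueError:
            name = fqdn(target, origin)
            if name in cname_owners:
                problems.append(f"MX target {name} is a CNAME")
            elif name.endswith("." + origin) and name not in a_owners:
                problems.append(f"MX target {name} has no A record")  # in-zone only
        else:
            problems.append(f"MX target {target} is an IP address")
    return problems
```

MX targets outside the zone's origin are not checked, since resolving them would need a live DNS lookup.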