90% of attacks start with a phish. It’s critical that IT admins and MSSPs have the right security in place to protect their end users from these phishing attacks. Check out our latest feature brief for tips and tricks to keep your employees off a hackers line!
DNS/Mail Newbie needs help with setting up DNS
I've registered a domain (xyz.com) and transferred the name servers to my hosting company Rackspace.
I want to be able to create mail addresses simon@xyz.com, and simon@mysub.xyz.com.
I renamed the hostname to mail.xyz.com.
Which 'A' records should I create, mail.xyz.com, xyz.com, mysub.xyz.com, mail.mysub.xyz.com? or all?
ditto MX records?
I want to be able to create mail addresses simon@xyz.com, and simon@mysub.xyz.com.
I renamed the hostname to mail.xyz.com.
Which 'A' records should I create, mail.xyz.com, xyz.com, mysub.xyz.com, mail.mysub.xyz.com? or all?
ditto MX records?
Who is Participating?
Thanks for getting back to me. I'll follow your advice to the letter, but what does the MX 10 bit mean (i mean the '10')? Is that the TTL?
ditto /24 PTR?
ditto /24 PTR?
The 10 is a preference assignment used in the event that you have multiple mail servers. It doesn't have to be 10 it can be any number between 0 and 65535 but 10 is the most common (and then 20 for the next MX server record).
the /24 PTR means that a reverse lookup (eg. a lookup on the IP for that /24 subnet (aka 255.255.255.0)) will correspond to xyz.com
so If I did a 'nslookup your.ip.addre.ss' it would return name = xyz.com.
TTL is generally set elsewhere in the file/configuration.
the /24 PTR means that a reverse lookup (eg. a lookup on the IP for that /24 subnet (aka 255.255.255.0)) will correspond to xyz.com
so If I did a 'nslookup your.ip.addre.ss' it would return name = xyz.com.
TTL is generally set elsewhere in the file/configuration.
MX records have a preference value. The lower valued MX records are attempted before trying a higher number value.
If you had:
xyz.com MX 10 myprimarymail.xyz.com
xyz.com MX 20 mybackupmail.xyz.com
A mail server attempting to deliver mail to foo@xyz.com would attempt to deliver to myprimarymail.xyz.com and if that failed to work, it would attempt to deliver to mybackupmail.xyz.com.
If you had:
xyz.com MX 10 myprimarymail.xyz.com
xyz.com MX 20 mybackupmail.xyz.com
A mail server attempting to deliver mail to foo@xyz.com would attempt to deliver to myprimarymail.xyz.com and if that failed to work, it would attempt to deliver to mybackupmail.xyz.com.
That PTR record might need to be more exact. If you only have a single IP you might want to do something like (unless you have a full class C address space):
192.158.2.100 PTR xyz.com
Here's a good doc on DNS if you're curious:
http://www.zytrax.com/books/dns/ch8/
192.158.2.100 PTR xyz.com
Here's a good doc on DNS if you're curious:
http://www.zytrax.com/books/dns/ch8/
You will likely have to ask Rackspace to handle the pointer (PTR) records for you. Unless they delegate the address space to you, you will not be able to manage the reverse lookup zone. You can verify ownership of the address space using a WHOIS lookup. www.arin.net has one on their home page.
It probably would be, yes. In that case leave the PTR out. You can verify it by doing: nslookup IP.YouSet.In.Reversedns from your computer and see if it returns the hostname that you set for the reverse lookup record.
If you used the Rackspace control panel (just looked up what was available in it), that should do it. You can verify it by checking a DNS server. Assuming your IP address was 1.2.3.4, the format of the query from a Windows PC would be:
nslookup -type=PTR 4.3.2.1.in-addr.arpa
On a linux system it would be
nslookup -type=PTR 4.3.2.1.in-addr.arpa
or
dig PTR 4.3.2.1.in-addr.arpa
If properly configured, it should return with the name of the server you specified in the control panel.
nslookup -type=PTR 4.3.2.1.in-addr.arpa
On a linux system it would be
nslookup -type=PTR 4.3.2.1.in-addr.arpa
or
dig PTR 4.3.2.1.in-addr.arpa
If properly configured, it should return with the name of the server you specified in the control panel.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
All Courses
From novice to tech pro — start learning today.
-
Course of the Month10 days, 11 hours left to enrollMonitoring and Operating a Private Cloud with System Center 2012 R2 273 lessons
I'd set it up this way:
xyz.com. NS ns1.nameserver.com.
xyz.com. NS ns2.nameserver.com.
xyz.com. A IP.WHERE.YOUR.DOMAINIS
mail.xyz.com. A IP.WHERE.YOUR.DOMAINIS
www.xyz.com. CNAME xyz.com.
mysub.xyz.com. CNAME xyz.com.
xyz.com. MX 10 mail.xyz.com.
IP.WHERE.YOUR.DOMAINIS/24 PTR xyz.com.
This way, if you ever need to update your IP you only have to change it a couple of times.
this IP.WHERE.YOUR.DOMAINIS obviously needs to be the IP where your domain is.