Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat. The purpose of this eBook is to educate the reader about ransomware attacks.
Solved
DNS/Mail Newbie needs help with setting up DNS
Posted on 2013-01-10
I've registered a domain (xyz.com) and transferred the name servers to my hosting company Rackspace.
I want to be able to create mail addresses simon@xyz.com, and simon@mysub.xyz.com.
I renamed the hostname to mail.xyz.com.
Which 'A' records should I create, mail.xyz.com, xyz.com, mysub.xyz.com, mail.mysub.xyz.com? or all?
ditto MX records?
I want to be able to create mail addresses simon@xyz.com, and simon@mysub.xyz.com.
I renamed the hostname to mail.xyz.com.
Which 'A' records should I create, mail.xyz.com, xyz.com, mysub.xyz.com, mail.mysub.xyz.com? or all?
ditto MX records?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
4
3-
2
9 Comments
There is a few conflicting schools of thought here. However, generally you only want an A record for the base domain (xyz.com in this case). Some people suggest making mail.xyz.com an a-record as well but I don't think you need to.
I'd set it up this way:
xyz.com. NS ns1.nameserver.com.
xyz.com. NS ns2.nameserver.com.
xyz.com. A IP.WHERE.YOUR.DOMAINIS
mail.xyz.com. A IP.WHERE.YOUR.DOMAINIS
www.xyz.com. CNAME xyz.com.
mysub.xyz.com. CNAME xyz.com.
xyz.com. MX 10 mail.xyz.com.
IP.WHERE.YOUR.DOMAINIS/24 PTR xyz.com.
This way, if you ever need to update your IP you only have to change it a couple of times.
this IP.WHERE.YOUR.DOMAINIS obviously needs to be the IP where your domain is.
I'd set it up this way:
xyz.com. NS ns1.nameserver.com.
xyz.com. NS ns2.nameserver.com.
xyz.com. A IP.WHERE.YOUR.DOMAINIS
mail.xyz.com. A IP.WHERE.YOUR.DOMAINIS
www.xyz.com. CNAME xyz.com.
mysub.xyz.com. CNAME xyz.com.
xyz.com. MX 10 mail.xyz.com.
IP.WHERE.YOUR.DOMAINIS/24 PTR xyz.com.
This way, if you ever need to update your IP you only have to change it a couple of times.
this IP.WHERE.YOUR.DOMAINIS obviously needs to be the IP where your domain is.
Thanks for getting back to me. I'll follow your advice to the letter, but what does the MX 10 bit mean (i mean the '10')? Is that the TTL?
ditto /24 PTR?
ditto /24 PTR?
The 10 is a preference assignment used in the event that you have multiple mail servers. It doesn't have to be 10 it can be any number between 0 and 65535 but 10 is the most common (and then 20 for the next MX server record).
the /24 PTR means that a reverse lookup (eg. a lookup on the IP for that /24 subnet (aka 255.255.255.0)) will correspond to xyz.com
so If I did a 'nslookup your.ip.addre.ss' it would return name = xyz.com.
TTL is generally set elsewhere in the file/configuration.
the /24 PTR means that a reverse lookup (eg. a lookup on the IP for that /24 subnet (aka 255.255.255.0)) will correspond to xyz.com
so If I did a 'nslookup your.ip.addre.ss' it would return name = xyz.com.
TTL is generally set elsewhere in the file/configuration.
MX records have a preference value. The lower valued MX records are attempted before trying a higher number value.
If you had:
xyz.com MX 10 myprimarymail.xyz.com
xyz.com MX 20 mybackupmail.xyz.com
A mail server attempting to deliver mail to foo@xyz.com would attempt to deliver to myprimarymail.xyz.com and if that failed to work, it would attempt to deliver to mybackupmail.xyz.com.
If you had:
xyz.com MX 10 myprimarymail.xyz.com
xyz.com MX 20 mybackupmail.xyz.com
A mail server attempting to deliver mail to foo@xyz.com would attempt to deliver to myprimarymail.xyz.com and if that failed to work, it would attempt to deliver to mybackupmail.xyz.com.
That PTR record might need to be more exact. If you only have a single IP you might want to do something like (unless you have a full class C address space):
192.158.2.100 PTR xyz.com
Here's a good doc on DNS if you're curious:
http://www.zytrax.com/books/dns/ch8/
192.158.2.100 PTR xyz.com
Here's a good doc on DNS if you're curious:
http://www.zytrax.com/books/dns/ch8/
You will likely have to ask Rackspace to handle the pointer (PTR) records for you. Unless they delegate the address space to you, you will not be able to manage the reverse lookup zone. You can verify ownership of the address space using a WHOIS lookup. www.arin.net has one on their home page.
It probably would be, yes. In that case leave the PTR out. You can verify it by doing: nslookup IP.YouSet.In.Reversedns from your computer and see if it returns the hostname that you set for the reverse lookup record.
If you used the Rackspace control panel (just looked up what was available in it), that should do it. You can verify it by checking a DNS server. Assuming your IP address was 1.2.3.4, the format of the query from a Windows PC would be:
nslookup -type=PTR 4.3.2.1.in-addr.arpa
On a linux system it would be
nslookup -type=PTR 4.3.2.1.in-addr.arpa
or
dig PTR 4.3.2.1.in-addr.arpa
If properly configured, it should return with the name of the server you specified in the control panel.
nslookup -type=PTR 4.3.2.1.in-addr.arpa
On a linux system it would be
nslookup -type=PTR 4.3.2.1.in-addr.arpa
or
dig PTR 4.3.2.1.in-addr.arpa
If properly configured, it should return with the name of the server you specified in the control panel.
Featured Post
With the increasing importance of apps & networks in both business & personal interconnections, perfor. has become one of the key metrics of successful communication. This ebook is a hands-on business-case-driven guide to understanding MySQL query parameter tuning & database perf
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article outlines some of the reasons why an email message gets flagged as spam on a recipient's end.
- CodeTwo
- Email Servers
- Email Clients
- Email Protocols
- Email Software
- *Email Anti-Spam
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center.
Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center.
Navigate to the Mail Flow >> Rules tab.: To cr…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
- Anti-Virus Apps
- Ransomware
- The Email Laundry
- Email Servers
- Cybersecurity
- Microsoft Access, *malware
Suggested Courses
Course of the Month7 days, 14 hours left to enroll
715 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.