DNS and records always confuses the beans out of me
i have nothing running yet
i have a domain which i’ll refer to as example.com
example.com will be the only domain and website on the server
VPS will have 1 IPv4 address (+IPv6)
it looks like DNS records can be set on the server, or at the registrar - given that i prefer having control over as much of my stuff as possible, i’d like to set the records on the server… i think
1. so is this correct…
   server name FQDN: host.example.com
   nameserver: ns1.example.com
   port 53 UDP & TCP have to be opened
   public website: example.com
2. given that i’ll have only a single IP, is there any reason to create more than one nameserver?
3. for the web server part, i’ll need to add a DNS ‘A’ record somewhere in virtualmin (i’ll figure out where), correct? is there any other records i need to add?
4. i want virtual admin to send me status/update emails - do i need the mail server installed, or is there a simpler way, such as PHP’s sendmail i guess???
If you require assistance getting this setup, along with a Q&A session to get you going in the area of DNS and/or Virtualmin as a whole, drop me a line. My intro rates are very affordable for most.
i have old DNS nameserver records already set up - i just need to change the IPs once i spin up the server - i’m not going to bother with IPv6 at this point
i’m still wondering about my no. 4 question; whether or not i need a mail server running on the server to be notified of server happenings, or whether i can send mail another way, such as to my everyday email address
No, you don’t need a mail server running. A lot of people for instance delegate Gmail or Office365 for this role, and simply add the appropriate records for their service.
Sure. It’s considered good practice, and most registrars will require you to provide at least two name servers if you’ll be delegating elsewhere.
One could argue that if you’re hosting it all on one server (i.e. web and DNS) having two is unimportant…if the one server goes down, you lose web anyway, but when there is an outage I like being able to change DNS to send mail to a hold-and-forward backup, and maybe a placeholder website if the outage will be longer than a few minutes. If everything is on one, you lose the ability to even migrate off the one server in a reasonable way. You just have more steps to recover in such a case, since you have to spin up new DNS servers plus whatever other stuff was going on, and also wait for the new delegation to propagate.
understood - i’m not running a critical site so i’m not so worried about something exploding along the network, plus i already have a temp backup landing page
on to mail… another nightmare that haunts me
given i’ll be using a 3rd party mail provider, can i dump dovecot, postfix and bind?
how do i configure the server so that it sends mail to my provider (i didn’t find anything in the docs)? i assume an MX record is involved, but i know little about this
on my old server i had DKIM, DMARC and SPF implemented in an effort to keep the IP clean and add some security/trust - all this is moot when using an external mail server, correct?
No, you don’t dump Postfix (SMTP) or Dovecot (POP/IMAP) or BIND (DNS), but you can if desired “disable” them.
This approach gives you the ability to “enable” them at a future date, should you change how things run. Further, these services take up very little space anyway.
*** Postfix, while it may not be getting used for everyday mailboxes, does come in handy when the system wants to contact you about critical events and such. So while I’d recommend, based on your needs, to “disable” inbound connections to port 25 (SMTP), I would never recommend completely disabling Postfix (SMTP) ***
unless someone thinks this is a bad idea, it looks like i’ll be adding my domain to my current mail server which has instructions for handling this - basically…
Set the MX part of your DNS record to point to "mx.runbox.com" in your domain hosting service. Runbox will automatically check your DNS record at short intervals (10 min), and change the status of the domain entry to “Active” once your record has been verified.
Set a TXT record in your DNS zone to specify that Runbox is a valid email sender for your domain. It should look like "v=spf1 redirect=spf.runbox.com".
and then for SPF they say…
The way to do this is to modify your DNS records to include the text below in a TXT record of your zone file.
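Added example, not part of the thread or of Runbox's documentation: an offline lint of the MX and TXT data described in the post above, to run over the records you plan to publish before switching mail to the provider. The sample records are constructed, and the checks follow RFC 7208's rules for record selection, `redirect=` and `all`.

```python
# Added example, not from the thread. Record values below are constructed samples;
# example.com is the thread's placeholder and mx.runbox.com / spf.runbox.com are
# the provider names quoted in the post above.

def lint_spf(txt_records):
    """Return problems in a domain's TXT record set, per RFC 7208 evaluation rules."""
    # Only TXT strings whose first term is exactly "v=spf1" count as SPF records.
    spf = [t for t in txt_records if t.lower().split(" ")[0] == "v=spf1"]
    if not spf:
        return ["no v=spf1 record: receivers evaluate SPF as 'none'"]
    if len(spf) > 1:
        return ["multiple v=spf1 records: receivers return permerror"]
    terms = [t.lower() for t in spf[0].split()[1:]]
    has_all = any(t.lstrip("+-~?") == "all" for t in terms)
    redirects = [t for t in terms if t.startswith("redirect=")]
    problems = []
    if len(redirects) > 1:
        problems.append("redirect= appears more than once: permerror")
    if any(r == "redirect=" for r in redirects):
        problems.append("redirect= has no target domain")
    if redirects and has_all:
        problems.append("redirect= is ignored because an 'all' mechanism is present")
    if any(t in ("all", "+all") for t in terms):
        problems.append("+all authorises every sending host")
    if not redirects and not has_all:
        problems.append("no 'all' or redirect=: unmatched senders get 'neutral'")
    return problems


def lint_mx(mx_records, expected_host):
    """Flag MX targets other than the provider's host; mx_records is [(pref, host)]."""
    want = expected_host.rstrip(".").lower()
    stray = [h for _, h in mx_records if h.rstrip(".").lower() != want]
    return [f"MX still points at {h}: mail may be delivered there" for h in stray]


if __name__ == "__main__":
    # Constructed zone data: the old server's SPF record left beside the new one,
    # and a leftover MX pointing at the VPS itself.
    txt = ["v=spf1 a mx -all", "v=spf1 redirect=spf.runbox.com"]
    mx = [(10, "mx.runbox.com."), (20, "host.example.com.")]
    for p in lint_spf(txt) + lint_mx(mx, "mx.runbox.com"):
        print("WARN:", p)
```

A leftover MX matters most when inbound port 25 on the VPS is disabled as suggested earlier in the thread, since senders falling back to that host will defer or bounce.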