Etc/hosts file entries

This is probably going to be a daft question:

My etc/hosts file has the following entries

127.0.0.1 localhost
11.22.33.44. host1.myDomain.com host1

Does that look correct?

Sorry - I’ve been awake far too long dealing with a misbehaving setup and Roundcube.

Thanks in advance

Dibs

Looks good for a server hostname. If that’s your only host your hosts file is done. But if there’s a virtualhost in Virtualmin for myDomain.com or any other host using the same IP, add them alongside host1.myDomain.com.

@ramin - many thanks for the reply.

At the risk of being totally dense - if I had to add a Virtual Server with a domain newDomain.com, would\should the hosts file look like this?

127.0.0.1 localhost
11.22.33.44. host1.myDomain.com newDomain.com host1

and similarly the 2nd line just gets longer with each new domain (Virtual Server) that gets added?

Thanks in advance

Dibs

That’s not necessary. They should all end up in DNS somehow.

No. Your /etc/hosts is fine and it doesn’t need to change.

@Joe - thanks for the replies.

The “fly in the ointment” might be that the domains have their DNS managed at the registrars’ control panels. I’d probably prefer to keep it that way - not wanting to run at least 2 servers.

Can I have BIND running but effectively not doing anything? DNS Forwarders springs to mind.

Many Thanks

Dibs

You could have BIND running for only local usage (it’s small/efficient in that context), or you can just make sure you add your DNS records (including glue records) before expecting anything to work in Virtualmin. There are some features (“Preview Website”, in particular) that can’t work unless Virtualmin itself can look up the name. That’s normally automatic because the installer sets up the local DNS server.

If you’re disabling the DNS feature and stopping BIND you’ll need to remove 127.0.0.1 from /etc/resolv.conf as there will no longer be a name server there.

@Joe - Thanks for the reply.

I don’t really want to run BIND, but need to use DKIM and my understanding is that to enable and use DKIM, BIND must run and DNS must be enabled for DKIM to work for each Virtual Server. If this isn’t the case - happy to turn it off.

Is there anything I need to do to use BIND only for local usage?

Many Thanks

Dibs

Oh, DKIM does require quite a bit of DNS interaction. But, I think you can create and maintain the necessary text records yourself. Running a local BIND wouldn’t make DKIM work, unless you’re pushing those records out to your “real” DNS server.

DKIM works by providing the public key of the private key used to sign messages in a DNS record. If recipients can’t retrieve that record, they can’t verify the signature. Virtualmin automates the process of key generation and publishing, but you can do some or all of it manually, too.
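The check implied by the reply above, as an added example that is not part of the original thread: derive the public key from the signing key and compare it with the `p=` value of the TXT record that recipients can actually retrieve. The function names are hypothetical, the sample key and record are constructed (not a real key), and an RSA key is assumed.

```shell
#!/bin/sh
# Added example, not from the thread. Helper names are hypothetical.

# Base64 body of a PEM public key (stdin) as a single line.
pem_to_p() { grep -v '^-----' | tr -d ' \t\r\n'; }

# One tag per line from a TXT record as dig prints it. Long records arrive
# as several quoted strings and some dig versions escape ';' as '\;'.
txt_tags() { printf '%s' "$1" | tr -d '"\\ \t\r\n' | tr ';' '\n'; }

# Value of the p= tag (empty if the tag is empty or absent).
txt_to_p() { txt_tags "$1" | sed -n 's/^p=//p' | head -n 1; }

# $1 = public key PEM text, $2 = one TXT record.
# Prints match | mismatch | revoked | missing; status 0 only on match.
dkim_compare() {
    want=$(printf '%s\n' "$1" | pem_to_p)
    if ! txt_tags "$2" | grep -q '^p='; then echo missing; return 1; fi
    got=$(txt_to_p "$2")
    if [ -z "$got" ]; then echo revoked; return 1; fi   # empty p= revokes the key
    if [ "$got" = "$want" ]; then echo match; return 0; fi
    echo mismatch; return 1
}

# Live check on the mail server (needs openssl and dig; RSA key assumed).
# $1 = private key file, $2 = selector, $3 = domain, $4 = optional resolver.
# Pass an outside resolver so the answer is what recipients see, not what a
# local BIND on 127.0.0.1 would say.
dkim_check_live() {
    pub=$(openssl rsa -in "$1" -pubout 2>/dev/null) || return 2
    recs=$(dig +short TXT "$2._domainkey.$3" ${4:+"@$4"})
    [ -n "$recs" ] || { echo missing; return 1; }
    printf '%s\n' "$recs" | while IFS= read -r rec; do
        dkim_compare "$pub" "$rec"
    done
}

# Constructed sample data (not a real key), split the way dig splits it.
SAMPLE_PEM='-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
Q09OU1RSVUNURURLRVk=
-----END PUBLIC KEY-----'
SAMPLE_TXT='"v=DKIM1\; k=rsa\; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AQ09OU1RS" "VUNURURLRVk="'

dkim_compare "$SAMPLE_PEM" "$SAMPLE_TXT"
```

On the server this would be run as `dkim_check_live /etc/dkim.key mySelector myDomain.com` followed by the address of an outside resolver.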

@Joe - thanks for the info.

In all fairness - I maintain the DKIM TXT records on the domain registrars’ control panels manually. No issues with that going forward.

Sorry if you’ve already answered the question - if I am maintaining the DKIM TXT records manually at the registrar control panels, do I still need to run BIND and\or enable DNS for a given (or all) Virtual Servers?

Many Thanks

Dibs

I’m not sure. I’ve never done it. But, I can’t think of why it would be necessary. But, Jamie may have made it a dependency because he likes to make things completely automatic (and we historically mostly assumed local DNS). Try it and see. If there are problems, maybe I can help work around it or encourage Jamie to remove the assumption of local DNS.

@Dibs @Joe hit the nail. DNS A records are far more relevant than the hosts file.

@joe - thanks for the reply.

I am inclined to try it out. It’s a fresh VPS (would be a pain to re-install it but far less given there’s nothing live on\in it) so can tinker.

If I go the whole hog and disable BIND will I need to put nameserver entries anywhere? Resolv.conf springs to mind. Or can I use Virtualmin\Webmin GUI to do that? I can’t imagine they will appear by themselves. LOL

Thanks

Dibs

@ramin - thanks for the reply.

All the A and other records are maintained manually at the DNS registrar control panels (kinda prefer it that way.)

So will leave the hosts file as it is.

Many thanks

Dibs

Just tried the following

  • turned DNS for the domain off
  • disabled BIND (running & at boot time)
  • went into Webmin >> Networking >> Network Configuration >> Hostname & DNS Client and changed DNS Servers to match my other host (which doesn’t have BIND running).

Sent an email to a yahoo email address and upon examining the raw headers, I see

dkim=neutral (no sig) header.i=@myDomain.com;

Looking at email I sent to yahoo before the changes, it had

dkim=pass (ok) header.i=@myDomain.com header.s=mySelector;

which leads me to think that if BIND\DNS is turned off - DKIM doesn’t work.

Any thoughts?

Thanks

Dibs

Don’t blame you for hosting DNS with a registrar or service. There’s peace of mind having nameservers spread out geographically, plus less risk of operator error. Those of us who prefer running a DNS server do it for a different kind of peace of mind.

Weird behaviour going on.

Disabled BIND\DNS and sent an email to yahoo. Upon checking the raw headers I got,

dkim=neutral (no sig) header.i=@myDomain.com;

which made me think DKIM was working. So went into Virtualmin >> Email Settings >> DomainKeys Identified Mail which was as before but I clicked on save this time.

I got the following messages,

Finding virtual servers to enable DKIM for …
… no virtual servers with DNS and email enabled were found, but enabling for 1 extra domains

Extracting public key from private key in /etc/dkim.key …
… done

Setting domain and selector in DKIM filter configuration …
… done

Enabling DKIM filter at boot time …
… done

Starting DKIM filter …

Hit Return to DKIM form and then sent another email to yahoo. Checking the raw headers, I get

dkim=pass (ok) header.i=@myDomain.com header.s=mySelector;

which looks like DKIM is working fine without BIND\DNS - you just have to hit save again, if you had BIND\DNS running before.

So for anyone wanting to enable DKIM - it looks like you don’t need to enable or have BIND running.

Thanks

Dibs

p.s. I reserve the right to alter\retract the last sentence if it all goes weird. LOL
