Looks good for a server hostname. If that’s your only host your hosts file is done. But if there’s a virtualhost in Virtualmin for myDomain.com or any other host using the same IP, add them alongside host1.myDomain.com.
The “fly in the ointment” might be that the domains have their DNS managed at the registrars’ control panels. I’d probably prefer to keep it that way - not wanting to run at least 2 servers.
Can I have BIND running but effectively not doing anything? DNS Forwarders springs to mind.
You could have BIND running for only local usage (it’s small/efficient in that context), or you can just make sure you add your DNS records (including glue records) before expecting anything to work in Virtualmin. There are some features (“Preview Website”, in particular) that can’t work unless Virtualmin itself can look up the name. That’s normally automatic because the installer sets up the local DNS server.
If you’re disabling the DNS feature and stopping BIND you’ll need to remove 127.0.0.1 from /etc/resolv.conf as there will no longer be a name server there.
I don’t really want to run BIND, but need to use DKIM and my understanding is that to enable and use DKIM, BIND must run and DNS must be enabled for DKIM to work for each Virtual Server. If this isn’t the case - happy to turn it off.
Is there anything I need to do to use BIND only for local usage?
Oh, DKIM does require quite a bit of DNS interaction. But, I think you can create and maintain the necessary text records yourself. Running a local BIND wouldn’t make DKIM work, unless you’re pushing those records out to your “real” DNS server.
DKIM works by providing the public key of the private key used to sign messages in a DNS record. If recipients can’t retrieve that record, they can’t verify the signature. Virtualmin automates the process of key generation and publishing, but you can do some or all of it manually, too.
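For anyone publishing the record by hand, as discussed above, here is an added example (not part of the original posts and not Virtualmin's own code) that works out which DNS name a verifier queries, turns a PEM public key into TXT strings of at most 255 characters, and checks a published record against the local key. The domain `example.com`, the selector `default`, the header and the key bytes are constructed placeholders.

```python
import base64
import re
import textwrap

def parse_tags(value):
    """Parse a DKIM tag=value list (same syntax in the header and the TXT record)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop folding whitespace
    return tags

def dkim_query_name(signature_header):
    """DNS name the recipient looks up, built from the s= and d= tags."""
    tags = parse_tags(signature_header.split(":", 1)[1])
    return f"{tags['s']}._domainkey.{tags['d']}"

def pem_to_p(pem):
    """Base64 body of a PEM public key, with the armor lines removed."""
    body = "".join(l.strip() for l in pem.splitlines()
                   if l.strip() and not l.startswith("-----"))
    base64.b64decode(body, validate=True)  # raises if the paste was damaged
    return body

def txt_strings(pem):
    """Record split into <=255-character strings, the limit for one TXT string."""
    record = f"v=DKIM1; k=rsa; p={pem_to_p(pem)}"
    return [record[i:i + 255] for i in range(0, len(record), 255)]

def published_matches(strings, pem):
    """Verifiers join the TXT strings with no separator, then read p=."""
    return parse_tags("".join(strings)).get("p") == pem_to_p(pem)

# Constructed sample data: 294 placeholder bytes (the size of a 2048-bit RSA
# public key in DER form), not a real key.
_FAKE_DER = bytes(range(256)) + bytes(38)
SAMPLE_PEM = ("-----BEGIN PUBLIC KEY-----\n"
              + "\n".join(textwrap.wrap(base64.b64encode(_FAKE_DER).decode(), 64))
              + "\n-----END PUBLIC KEY-----\n")
SAMPLE_HEADER = ("DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=default;\r\n"
                 "\tbh=PLACEHOLDER; b=PLACEHOLDER")

if __name__ == "__main__":
    print(dkim_query_name(SAMPLE_HEADER))
    for s in txt_strings(SAMPLE_PEM):
        print(f'"{s}"')
```

A registrar panel that silently truncates the value at 255 characters produces exactly the mismatch that `published_matches` reports.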
In all fairness - I maintain the DKIM TXT records on the domain registrars’ control panels manually. No issues with that going forward.
Sorry if you’ve already answered the question - if I am maintaining the DKIM TXT records manually at the registrar control panels, do I still need to run BIND and/or enable DNS for a given (or all) Virtual Servers?
I’m not sure. I’ve never done it. But, I can’t think of why it would be necessary. But, Jamie may have made it a dependency because he likes to make things completely automatic (and we historically mostly assumed local DNS). Try it and see. If there are problems, maybe I can help work around it or encourage Jamie to remove the assumption of local DNS.
I am inclined to try it out. It’s a fresh VPS (would be a pain to re-install it but far less given there’s nothing live on\in it) so can tinker.
If I go the whole hog and disable BIND will I need to put nameserver entries anywhere? Resolv.conf springs to mind. Or can I use Virtualmin\Webmin GUI to do that? I can’t imagine they will appear by themselves. LOL
Went into Webmin >> Networking >> Network Configuration >> Hostname & DNS Client and changed DNS Servers to match my other host (which doesn’t have BIND running).
Sent an email to a yahoo email address and upon examining the raw headers, I see
Don’t blame you for hosting DNS with a registrar or service. There’s peace of mind having nameservers spread out geographically, plus less risk of operator error. Those of us who prefer running a DNS server do it for a different kind of peace of mind.
which made me think DKIM was working. So went into Virtualmin >> Email Settings >> DomainKeys Identified Mail which was as before but I clicked on save this time.
I got the following messages,
Finding virtual servers to enable DKIM for … … no virtual servers with DNS and email enabled were found, but enabling for 1 extra domains
Extracting public key from private key in /etc/dkim.key … … done
Setting domain and selector in DKIM filter configuration … … done
Enabling DKIM filter at boot time … … done
Starting DKIM filter …
Hit Return to DKIM form and then sent another email to yahoo. Checking the raw headers, I get