Is anybody able to help me set up the correct record types for my tiny little Nethserver, as it should be in compliance to accept incoming e-mails and serve a web server, especially SOGo and www?
Why does anything need to go by private mail? Assuming you do in fact own a domain, set an A record pointing to your public IP address (yourdomain.com IN A 1.2.3.4). Then, the simplest thing to do is probably set up an alias for everything under your domain (*.yourdomain.com IN CNAME yourdomain.com). Optionally, you can set a MX record, though it isn’t really necessary (yourdomain.com IN MX mail.yourdomain.com).
Actually, you do need an MX record, as well as an SPF record and a reverse lookup record. If you opt out of those, your mail will be marked as spam by every other (public) server, if it is accepted at all.
(True story™)
MX is necessary only if the FQDN that the Internet should connect to in order to deliver mail is different than your domain name. If you have users@example.com, and the Internet connects to example.com to deliver mail, no MX is necessary (a good idea, probably, but not necessary). If the Internet needs to connect to mail.example.com (or otherdomain.com, or anything other than example.com), you need an MX record specifying that.
Um, no, no it won’t. Again, yes, they’re good ideas, but no, they aren’t mandatory. Yes, they’ll most likely improve the chances of successful mail delivery, but it isn’t a binary thing. Reverse DNS in particular is pretty much impossible to get with residential Internet service, and a substantial extra charge even with business service.
Mail acceptance is quite not a problem as long as you have a real static IP. I have been running a dyndns.org mail for several years. I had some trouble with being considered as spam without a static IP. Receiving mails is a little more critical (which I do not really understand).
I am having trouble defining an A record as “*”. It seems that this does not really work well for mail. This is the reason why I am asking…
I don’t think you can have a wildcard A record, but you can most certainly have a wildcard CNAME record. Alternatively, you can set up CNAME records for www, mail, and any other specific hostnames you want to use, rather than a wildcard.
That's what my DNS host provider told me to set up … *.mydomain.tld
I think this is what currently causes most problems on receiving e-mails.
To the best of my knowledge, Outlook / Office 365 as well as Exchange seem to be quite tolerant, while e.g. “community.nethserver.org” is not.
We have 30 clients, and 8 of them gave us issues due to absent SPF records. We work in medical environments, so security is a bit more strict, but yeah … that. Our mails went straight to junk.
MX is mandatory from the email standards. That most servers guess based on CNAME and not having an MX record generally works doesn't change that a proper configuration (and thus HAM rating) requires it.
I will agree my answer is less valid for home setups, but an absolute must for business applications.
Huh. I was sure you need that from both a standards and a proper configuration perspective. Not having one will decrease your HAM rating on some more strict systems. But as you rightfully remark, it is not in the standards as a requirement, as there is a fallback scenario.
From my experience, this does not reliably work. See for instance
This is an exception, I will grant you that, but corporate mail servers are a lot less forgiving than your average gmail or live.com, and not receiving an email or having it handled as spam is missing revenue or responding late and bad for business. Thanks for correcting me on the requirement part, I must admit I never checked the actual RFC.
We use this for a SaaS for our clients, so that if a client decides to have clientname.domain.com, then the system queries and identifies if the record of the client is present; if it's present, it uses the DB specified for the client name.
No, PTR records are not TXT records, they’re a separate record type. They would be set, if at all, by your ISP (or if you’re using a VPS, as I am, by your VPS host), not by your DNS provider or domain registrar.
OK, I am running my own host / physical machine behind my router. The DNS provider is my ISP provider, too. It is "green.ch"; I got a static IP from there. So do I need to set something up within my DNS record and / or my Nethserver environment? Can I somehow check PTR and rDNS?
Yes, it is, per the relevant standards, already pointed out up-thread. It may improve the chances of your mail being delivered, but it is not required.
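Added example (not posted by anyone in this thread): a small checker for the three things argued about above, namely where mail for a domain is delivered when there is or is not an MX record (the RFC 5321 section 5.1 fallback), whether an SPF TXT record exists, and whether the sending IP has forward-confirmed reverse DNS. The zone data, host names and the `lookup` stand-in are constructed for illustration; replace `lookup` with a real resolver to test a live domain.

```python
# Constructed zone data using documentation addresses (RFC 5737); not real records.
ZONE = {
    ("example.com.", "A"): ["192.0.2.10"],
    ("example.com.", "TXT"): ["v=spf1 ip4:192.0.2.10 -all"],
    ("example.net.", "MX"): [(10, "mail.example.net.")],
    ("mail.example.net.", "A"): ["192.0.2.25"],
    # Generic ISP-style PTR that does not resolve back to the IP
    ("10.2.0.192.in-addr.arpa.", "PTR"): ["host-10.isp.example."],
    ("25.2.0.192.in-addr.arpa.", "PTR"): ["mail.example.net."],
}

def lookup(name, rtype, zone=ZONE):
    """Hypothetical stand-in for a DNS query; returns [] when no record exists."""
    return zone.get((name.lower(), rtype), [])

def delivery_hosts(domain, q=lookup):
    """Prefer MX records; with no MX, fall back to the domain's own address record."""
    mx = sorted(q(domain, "MX"))  # lowest preference value first
    if mx:
        return [host for _pref, host in mx], "mx"
    if q(domain, "A") or q(domain, "AAAA"):
        return [domain], "implicit-mx"
    return [], "undeliverable"

def has_spf(domain, q=lookup):
    """True if a TXT record is an SPF policy (starts with the v=spf1 version tag)."""
    return any(t.lower() == "v=spf1" or t.lower().startswith("v=spf1 ")
               for t in q(domain, "TXT"))

def reverse_name(ipv4):
    """192.0.2.10 -> 10.2.0.192.in-addr.arpa. (the name a PTR record lives at)."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa."

def fcrdns(ipv4, q=lookup):
    """Forward-confirmed reverse DNS: the PTR name must resolve back to the same IP."""
    return any(ipv4 in q(name, "A") for name in q(reverse_name(ipv4), "PTR"))

def report(domain, q=lookup):
    hosts, how = delivery_hosts(domain, q)
    ips = [ip for h in hosts for ip in q(h, "A")]
    return {"hosts": hosts, "via": how, "spf": has_spf(domain, q),
            "fcrdns": {ip: fcrdns(ip, q) for ip in ips}}

if __name__ == "__main__":
    for d in ("example.com.", "example.net."):
        print(d, report(d))
```

In the constructed data, example.com. is reachable without an MX record but its PTR is a generic ISP name that fails the forward check, while example.net. has MX and matching reverse DNS but no SPF record.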