en - RE: [sympa-users] DNS settings for multiple virtual hosts: best practices

Subject: The mailing list for listmasters using Sympa

List archive

RE: [sympa-users] DNS settings for multiple virtual hosts: best practices

From: "McLaren, Terry" <address@concealed>
To: Tom Browder <address@concealed>
Cc: "address@concealed" <address@concealed>
Subject: RE: [sympa-users] DNS settings for multiple virtual hosts: best practices
Date: Wed, 29 Jan 2020 22:34:04 +0000

It works just fine. Here’s the network part of a checklist we use to create consistent robots:

SSL cert: Include robot.Name on SSL cert for lists.illinois.edu
CNAME for robot.Name to point to lists.illinois.edu

the robot will inherit the MX and TXT records from the CNAME.

If mail is received in a different domain . e.g. @some.email.domain and web interface https://lists.robot.Name

then an MX and TXT record for robot.email.domain

i. An MX record to use incoming-relays.illinois.edu (where to send inbound email)

ii. A TXT record "v=spf1 +include:lists.illinois.edu -all" (authorization to use outbound-relays)

If legacy domains exist that still receive email, then...

MX record for each legacy domain to point to incoming-relays.illinois.edu

Note: incoming-relays.illinois.edu is our gateway for the +380 email domains we host for campus.

Do some DNS queries and you’ll see the details. e.g.

https://lists.aces.illinois.edu

- in this case the web server sits at lists.aces…. but the email domain is @aces.illinois.edu. (option 2 & 3 above.)

>nslookup -type=any lists.aces.illinois.edu

lists.aces.illinois.edu canonical name = lists.illinois.edu

>nslookup -type=mx aces.illinois.edu

aces.illinois.edu MX preference = 10, mail exchanger = incoming-relays.illinois.edu

>nslookup -type=txt aces.illinois.edu

aces.illinois.edu text = "v=spf1 +include:lists.illinois.edu +include:illinois.edu -all"

https://lists.ischool.illinois.edu

https://mail.krannertcenter.illinois.edu

https://lists.beckman.illinois.edu

https://lists.btaa.org

https://lists.cs.illinois.edu

https://lists.education.illinois.edu

https://lists.illinois.edu

https://lists.mste.illinois.edu

https://lists.ncsa.illinois.edu

https://lists.poets-erc.org

https://lists.psychology.illinois.edu

https://lists.sharps.org

etc…

I recently did stats so here are some ball park numbers for our robots.

The 25 robots are hosted on a VM (3 processor, 12GB RAM 300GB HD)
~7300 lists across all robots,
~914,500 (total subscribers)
~439,300 (unique email addresses from ~29,700 unique domains)

The VM runs smoothly with:

1 sympa process
1 task_manager
9 bulk.pl processes
8 wwsympa processes

Sympa Rocks!

Terry McLaren

University of Illinois Listmaster

-----Original Message-----

From: Tom Browder <address@concealed>

Sent: Wednesday, January 29, 2020 11:52 AM

To: McLaren, Terry <address@concealed>

Cc: address@concealed

Subject: Re: [sympa-users] DNS settings for multiple virtual hosts: best practices

[Note: I don't usually top post but Terry forgot to CC this list.]

Terry, I don't understand how that will work when my virtual hosts are unique domains. So, my mail server (mail.example.com) should work for:

address@concealed

...

-Tom

On Wed, Jan 29, 2020 at 10:05 AM McLaren, Terry <address@concealed> wrote:

> Hi Tom - We run 25 robots on the same server at U of I and cname all of them to our primary robot, lists.illinois.edu. This way they inherit all other dns settings (mx, spf, etc).

> Terry McLaren

> -----Original Message-----

> From: address@concealed

> <address@concealed> On Behalf Of Tom Browder

> Sent: Wednesday, January 29, 2020 9:29 AM

> To: address@concealed

> Subject: [sympa-users] DNS settings for multiple virtual hosts: best

> practices

> It seems like every guide I read about DNS settings to handle a single mail server for multiple virtual hosts has a slightly different approach for required DNS records.

> Can anyone point me to a good recipe for how to do such?

> Here is what I have come up with so far with help from experts on the Postfix mailing list (from several years ago):

> https://github.com/tbrowder/apache-httpd-tidbits/blob/master/MAIL-DNS.

> md

> Repeated less clearly here:

> ===================

> Given:

> a single Debian server

> running Apache httpd

> use as a mail server

> use as a webserver with multiple virtual hosts static IP address:

> 192.168.2.100 mail server name: mail.example.com

> DNS records for all virtual hosts named X.TLD (including example.com):

> X.TLD. IN A w

> WWW.X.TLD. IN CNAME X.TLD.

> @. IN MX X.TLD.

> @. IN TXT "v=spf1 mx ?all"

> X.TLD. IN MX 10 mail.example.com.

> additional DNS records for example.com:

> mail.example.com. IN CNAME example.com

> 100.2.168.192.in-addr.arpa. IN PTR mail.example.com.

> A PR would be cool for corrections.

> Thanks.

> -Tom

[sympa-users] DNS settings for multiple virtual hosts: best practices, Tom Browder, 01/29/2020
- Message not available
  - Re: [sympa-users] DNS settings for multiple virtual hosts: best practices, Tom Browder, 01/29/2020
    - RE: [sympa-users] DNS settings for multiple virtual hosts: best practices, McLaren, Terry, 01/29/2020
      - Re: [sympa-users] DNS settings for multiple virtual hosts: best practices, Tom Browder, 01/29/2020
        
        RE: [sympa-users] DNS settings for multiple virtual hosts: best practices, McLaren, Terry, 01/30/2020

List archive

RE: [sympa-users] DNS settings for multiple virtual hosts: best practices