Kairion Posted February 15, 2023 Posted February 15, 2023 If your domain's DNS is hosted elsewhere (you are not using HelioHost nameservers: ns1.heliohost.org and ns2.heliohost.org) and your service provider supports importing Bind zone text files, you can use one of these attached files to automatically create A, AAAA, and CNAME records for Tommy and Johnny. What do these files do? When you import them to your DNS service provider, it will: Add an A record pointing your base domain (e.g. yourdomain.com) to the correspondent HelioHost server. Add an AAAA record pointing your base domain (e.g. yourdomain.com) to the correspondent HelioHost server. Add a CNAME record pointing your subdomain www (e.g. www.yourdomain.com) to your base domain (e.g. yourdomain.com). Add an MX record pointing to your domain (yep, your domain is your host, at least if you use HelioHost servers for that purpose). Add a simple TXT record for SPF, allowing only your account's server to handle your emails (if you also use other systems, it has to be changed to include all your servers, or else your emails will fail SPF and DMARC validations). Add a basic (and honestly useless) DMARC record. If you only want emails to work, that will do. If you desire to manage your mail system, read about DMARC policies and update them accordingly. You can get your DKIM record from your Plesk panel. Log into it, click on Mail, Mail Settings, select your domain, check the "Use DKIM spam protection system to sign outgoing email messages" option, and click on Apply. After the page reloads, go down to that checkbox again, and on its right side, you will see the link "How to configure external DNS". Click on it and add both records it generated for you. How do I use them? Download the file correspondent to your account's server, open it with notepad (or another basic text file editor), and press CTRL+H (Replace). On Find write the dummy text yourdomain.com and on Replace insert your base domain (i.e. without www), and click on Replace all. Save and close your file. If needed (e.g. IP addresses on the Plesk panel different than in your server's text file here), use Replace to change them as you did with your domain. Here is an example: Now go to your DNS provider and import your text file into it (if you do not know how to do that, either ask your DNS provider customer support or post in this section and our community may help you. IMPORTANT: At least on Cloudflare service, these records do not overwrite preexistent ones, so if you already have any or all of the mentioned records, you have to delete them before importing one of these files, or else you will get duplicate records, thus messing your DNS and giving you a headache. Please also be warned that due to the nature of IP4 and IP6 SPF mechanisms and how Cloudflare work, it is not possible right now to keep your IP addresses hidden. Be sure it is not a problem for you. If it is a problem, you should start looking into SMTP relays. It would be possible to include email-related records, but since some email records require (or could have, if one so desires) customization, at least for now, I didn't write a Bind zone text file for them. Also, I have not written a text file for Ricky because it is impossible to sign up for an account on it now, though as soon as it gets rebuilt, I will update this topic to include a file for its records. add_tommy_records.txt add_johnny_records.txt
wolstech Posted February 15, 2023 Posted February 15, 2023 Nice. Can you add the SPF and MX to these as well? Email won't work otherwise. Also, with Tommy the A record can vary as Tommy uses multiple IPs to help protect against DDoS. The user needs to get the IP for their domain from plesk.
Kairion Posted February 16, 2023 Author Posted February 16, 2023 Sure, files were improved to include MX, SPF, and DMARC records. I included SPF records allowing IP addresses, but per SPF's RFC, it is possible (and it would be easier and clearer) to determine the web server or the mail server ("a" and "mx" mechanisms), thus even if its A and AAAA records are changed, it wouldn't be necessary to alter the SPF record too. Unfortunately, Google seems to have some unwritten rules against their use, which led me to use the IP4 and IP6 mechanisms. Another alternative would be if HelioHost had an "include" address, e.g. _spf.heliohost.org, listing all Tommy's, Johnny's, and Ricky's IP addresses (or IP blocks), and all users would only add to their DNS records something like that: v=spf1 include:_spf.heliohost.org ~all The obvious downside: they'd be allowing all those IP addresses to send emails on behalf of their domains, which could be somehow prevented with a different implementation, e.g. _tommy.heliohost.org (listing all possible Tommy IP addresses), _johnny.heliohost.org, _ricky.heliohost.org and it would go on.
singold Posted June 2, 2023 Posted June 2, 2023 This is great, thanks! I've tried it just now and cloudlfare gave me an "info" warning about the spf record for johnny. It seems there is a mising semi colon after "none" at the end (at least that fixed the "warning" for me)
itskusum Posted November 6 Posted November 6 (edited) And please look into what's the issue that mail is not receiving from my webmail. DKIM - Name : default._domainkey.[mydomain_name] Content : [as per your previous thread] DMARC - Name : _dmarc.[mydomain_name] Content : v=DMARC1; p=none SPF - Name : [mydomain_name] Content : v=spf1 ip4:[ip4_address] ip6:[ip6_address] ~all MX - Name : [mydomain_name] Mail Server : [mydomain_name] Priority : 0 Update 1 : Undelivered Mail message from Gmail - host gmail-smtp-in.l.google.com[142.251.2.26] said: 550-5.7.1 [[ip4_address] 12] Gmail has detected that this message is likely 550-5.7.1 unsolicited mail. To reduce the amount of spam sent to Gmail, this 550-5.7.1 message has been blocked. For more information, go to 550 5.7.1 https://support.google.com/mail/?p=UnsolicitedMessageError 41be03b00d2f7-7f40bab0e1csi1588052a12.602 - gsmtp (in reply to end of DATA command) Update 2 : Working now. The problem was - SSL/TLS certificate for mail was not selected. Update 3 : It had to reset my account for some reason, and after fixing all back, gmail again started rejecing my mail. If this happens, just give 3-5 days, and will automatically solve the issue. Moreover you can raise your issue by visiting https://support.google.com/mail/troubleshooter/2696779?hl=en-GB&ref_topic=7280460&sjid=12533985547570789562-AP I raised the issue but, but the problem solved automatically as the status of my issue is still In Progress. You can check the status visiting https://support.google.com/mail?hl=en-GB&sjid=12533985547570789562-AP#topic=7065107 Edited November 9 by itskusum Updating my status for helping other people 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now