mailcow-dockerized-docs/prerequisite/prerequisite-dns/index.html

2804 Zeilen
Kein EOL
70 KiB
HTML

<!doctype html>
<html lang="en" class="no-js">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<link rel="canonical" href="https://docs.mailcow.email/prerequisite/prerequisite-dns/">
<link rel="prev" href="../prerequisite-system/">
<link rel="next" href="../../i_u_m/i_u_m_install/">
<link rel="icon" href="../../assets/images/favicon.png">
<meta name="generator" content="mkdocs-1.4.2, mkdocs-material-9.0.4">
<title>DNS setup - mailcow: dockerized documentation</title>
<link rel="stylesheet" href="../../assets/stylesheets/main.9c788c91.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/palette.2505c338.min.css">
<link rel="stylesheet" href="../../assets/stylesheets/extra.css">
<script>__md_scope=new URL("../..",location),__md_hash=e=>[...e].reduce((e,_)=>(e<<5)-e+_.charCodeAt(0),0),__md_get=(e,_=localStorage,t=__md_scope)=>JSON.parse(_.getItem(t.pathname+"."+e)),__md_set=(e,_,t=localStorage,a=__md_scope)=>{try{t.setItem(a.pathname+"."+e,JSON.stringify(_))}catch(e){}}</script>
</head>
<body dir="ltr" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="">
<script>var palette=__md_get("__palette");if(palette&&"object"==typeof palette.color)for(var key of Object.keys(palette.color))document.body.setAttribute("data-md-color-"+key,palette.color[key])</script>
<input class="md-toggle" data-md-toggle="drawer" type="checkbox" id="__drawer" autocomplete="off">
<input class="md-toggle" data-md-toggle="search" type="checkbox" id="__search" autocomplete="off">
<label class="md-overlay" for="__drawer"></label>
<div data-md-component="skip">
<a href="#references" class="md-skip">
Skip to content
</a>
</div>
<div data-md-component="announce">
<aside class="md-banner">
<div class="md-banner__inner md-grid md-typeset">
<button class="md-banner__button md-icon" aria-label="Don't show this again">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
<center><h4>Alle Befehle sind gemäß der Syntax des <a href="https://docs.docker.com/compose/install/linux/">Docker Compose Plugins</a> beschrieben.<br>
All commands are written according to the <a href="https://docs.docker.com/compose/install/linux/">Docker Compose Plugin</a> syntax.</h4></center>
</div>
<script>var content,el=document.querySelector("[data-md-component=announce]");el&&(content=el.querySelector(".md-typeset"),__md_hash(content.innerHTML)===__md_get("__announce")&&(el.hidden=!0))</script>
</aside>
</div>
<header class="md-header" data-md-component="header">
<nav class="md-header__inner md-grid" aria-label="Header">
<a href="../.." title="mailcow: dockerized documentation" class="md-header__button md-logo" aria-label="mailcow: dockerized documentation" data-md-component="logo">
<img src="../../assets/images/logo.svg" alt="logo">
</a>
<label class="md-header__button md-icon" for="__drawer">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M3 6h18v2H3V6m0 5h18v2H3v-2m0 5h18v2H3v-2Z"/></svg>
</label>
<div class="md-header__title" data-md-component="header-title">
<div class="md-header__ellipsis">
<div class="md-header__topic">
<span class="md-ellipsis">
mailcow: dockerized documentation
</span>
</div>
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
DNS setup
</span>
</div>
</div>
</div>
<form class="md-header__option" data-md-component="palette">
<input class="md-option" data-md-color-media="" data-md-color-scheme="default" data-md-color-primary="" data-md-color-accent="" aria-label="Switch to dark mode" type="radio" name="__palette" id="__palette_1">
<label class="md-header__button md-icon" title="Switch to dark mode" for="__palette_2" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m17.75 4.09-2.53 1.94.91 3.06-2.63-1.81-2.63 1.81.91-3.06-2.53-1.94L12.44 4l1.06-3 1.06 3 3.19.09m3.5 6.91-1.64 1.25.59 1.98-1.7-1.17-1.7 1.17.59-1.98L15.75 11l2.06-.05L18.5 9l.69 1.95 2.06.05m-2.28 4.95c.83-.08 1.72 1.1 1.19 1.85-.32.45-.66.87-1.08 1.27C15.17 23 8.84 23 4.94 19.07c-3.91-3.9-3.91-10.24 0-14.14.4-.4.82-.76 1.27-1.08.75-.53 1.93.36 1.85 1.19-.27 2.86.69 5.83 2.89 8.02a9.96 9.96 0 0 0 8.02 2.89m-1.64 2.02a12.08 12.08 0 0 1-7.8-3.47c-2.17-2.19-3.33-5-3.49-7.82-2.81 3.14-2.7 7.96.31 10.98 3.02 3.01 7.84 3.12 10.98.31Z"/></svg>
</label>
<input class="md-option" data-md-color-media="" data-md-color-scheme="slate" data-md-color-primary="" data-md-color-accent="" aria-label="Switch to light mode" type="radio" name="__palette" id="__palette_2">
<label class="md-header__button md-icon" title="Switch to light mode" for="__palette_1" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M12 7a5 5 0 0 1 5 5 5 5 0 0 1-5 5 5 5 0 0 1-5-5 5 5 0 0 1 5-5m0 2a3 3 0 0 0-3 3 3 3 0 0 0 3 3 3 3 0 0 0 3-3 3 3 0 0 0-3-3m0-7 2.39 3.42C13.65 5.15 12.84 5 12 5c-.84 0-1.65.15-2.39.42L12 2M3.34 7l4.16-.35A7.2 7.2 0 0 0 5.94 8.5c-.44.74-.69 1.5-.83 2.29L3.34 7m.02 10 1.76-3.77a7.131 7.131 0 0 0 2.38 4.14L3.36 17M20.65 7l-1.77 3.79a7.023 7.023 0 0 0-2.38-4.15l4.15.36m-.01 10-4.14.36c.59-.51 1.12-1.14 1.54-1.86.42-.73.69-1.5.83-2.29L20.64 17M12 22l-2.41-3.44c.74.27 1.55.44 2.41.44.82 0 1.63-.17 2.37-.44L12 22Z"/></svg>
</label>
</form>
<div class="md-header__option">
<div class="md-select">
<button class="md-header__button md-icon" aria-label="Select language">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="m12.87 15.07-2.54-2.51.03-.03A17.52 17.52 0 0 0 14.07 6H17V4h-7V2H8v2H1v2h11.17C11.5 7.92 10.44 9.75 9 11.35 8.07 10.32 7.3 9.19 6.69 8h-2c.73 1.63 1.73 3.17 2.98 4.56l-5.09 5.02L4 19l5-5 3.11 3.11.76-2.04M18.5 10h-2L12 22h2l1.12-3h4.75L21 22h2l-4.5-12m-2.62 7 1.62-4.33L19.12 17h-3.24Z"/></svg>
</button>
<div class="md-select__inner">
<ul class="md-select__list">
<li class="md-select__item">
<a href="./" hreflang="en" class="md-select__link">
English
</a>
</li>
<li class="md-select__item">
<a href="../../de/prerequisite/prerequisite-dns/" hreflang="de" class="md-select__link">
Deutsch
</a>
</li>
</ul>
</div>
</div>
</div>
<label class="md-header__button md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
</label>
<div class="md-search" data-md-component="search" role="dialog">
<label class="md-search__overlay" for="__search"></label>
<div class="md-search__inner" role="search">
<form class="md-search__form" name="search">
<input type="text" class="md-search__input" name="query" aria-label="Search" placeholder="Search" autocapitalize="off" autocorrect="off" autocomplete="off" spellcheck="false" data-md-component="search-query" required>
<label class="md-search__icon md-icon" for="__search">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M9.5 3A6.5 6.5 0 0 1 16 9.5c0 1.61-.59 3.09-1.56 4.23l.27.27h.79l5 5-1.5 1.5-5-5v-.79l-.27-.27A6.516 6.516 0 0 1 9.5 16 6.5 6.5 0 0 1 3 9.5 6.5 6.5 0 0 1 9.5 3m0 2C7 5 5 7 5 9.5S7 14 9.5 14 14 12 14 9.5 12 5 9.5 5Z"/></svg>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M20 11v2H8l5.5 5.5-1.42 1.42L4.16 12l7.92-7.92L13.5 5.5 8 11h12Z"/></svg>
</label>
<nav class="md-search__options" aria-label="Search">
<button type="reset" class="md-search__icon md-icon" title="Clear" aria-label="Clear" tabindex="-1">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M19 6.41 17.59 5 12 10.59 6.41 5 5 6.41 10.59 12 5 17.59 6.41 19 12 13.41 17.59 19 19 17.59 13.41 12 19 6.41Z"/></svg>
</button>
</nav>
</form>
<div class="md-search__output">
<div class="md-search__scrollwrap" data-md-scrollfix>
<div class="md-search-result" data-md-component="search-result">
<div class="md-search-result__meta">
Initializing search
</div>
<ol class="md-search-result__list"></ol>
</div>
</div>
</div>
</div>
</div>
<div class="md-header__source">
<a href="https://github.com/mailcow/mailcow-dockerized" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
mailcow/mailcow-dockerized
</div>
</a>
</div>
</nav>
</header>
<div class="md-container" data-md-component="container">
<main class="md-main" data-md-component="main">
<div class="md-main__inner md-grid">
<div class="md-sidebar md-sidebar--primary" data-md-component="sidebar" data-md-type="navigation" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--primary" aria-label="Navigation" data-md-level="0">
<label class="md-nav__title" for="__drawer">
<a href="../.." title="mailcow: dockerized documentation" class="md-nav__button md-logo" aria-label="mailcow: dockerized documentation" data-md-component="logo">
<img src="../../assets/images/logo.svg" alt="logo">
</a>
mailcow: dockerized documentation
</label>
<div class="md-nav__source">
<a href="https://github.com/mailcow/mailcow-dockerized" title="Go to repository" class="md-source" data-md-component="source">
<div class="md-source__icon md-icon">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M439.55 236.05 244 40.45a28.87 28.87 0 0 0-40.81 0l-40.66 40.63 51.52 51.52c27.06-9.14 52.68 16.77 43.39 43.68l49.66 49.66c34.23-11.8 61.18 31 35.47 56.69-26.49 26.49-70.21-2.87-56-37.34L240.22 199v121.85c25.3 12.54 22.26 41.85 9.08 55a34.34 34.34 0 0 1-48.55 0c-17.57-17.6-11.07-46.91 11.25-56v-123c-20.8-8.51-24.6-30.74-18.64-45L142.57 101 8.45 235.14a28.86 28.86 0 0 0 0 40.81l195.61 195.6a28.86 28.86 0 0 0 40.8 0l194.69-194.69a28.86 28.86 0 0 0 0-40.81z"/></svg>
</div>
<div class="md-source__repository">
mailcow/mailcow-dockerized
</div>
</a>
</div>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../.." class="md-nav__link">
Information & Support
</a>
</li>
<li class="md-nav__item md-nav__item--active md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_2" type="checkbox" id="__nav_2" checked>
<label class="md-nav__link" for="__nav_2" tabindex="0" aria-expanded="true">
Prerequisites
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Prerequisites" data-md-level="1">
<label class="md-nav__title" for="__nav_2">
<span class="md-nav__icon md-icon"></span>
Prerequisites
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../prerequisite-system/" class="md-nav__link">
Prepare your system
</a>
</li>
<li class="md-nav__item md-nav__item--active">
<input class="md-nav__toggle md-toggle" data-md-toggle="toc" type="checkbox" id="__toc">
<label class="md-nav__link md-nav__link--active" for="__toc">
DNS setup
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
DNS setup
</a>
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#references" class="md-nav__link">
References
</a>
</li>
<li class="md-nav__item">
<a href="#reverse-dns-of-your-ip-address" class="md-nav__link">
Reverse DNS of your IP address
</a>
</li>
<li class="md-nav__item">
<a href="#the-minimal-dns-configuration" class="md-nav__link">
The minimal DNS configuration
</a>
</li>
<li class="md-nav__item">
<a href="#dkim-spf-and-dmarc" class="md-nav__link">
DKIM, SPF and DMARC
</a>
</li>
<li class="md-nav__item">
<a href="#the-advanced-dns-configuration" class="md-nav__link">
The advanced DNS configuration
</a>
</li>
<li class="md-nav__item">
<a href="#testing" class="md-nav__link">
Testing
</a>
</li>
<li class="md-nav__item">
<a href="#misc" class="md-nav__link">
Misc
</a>
<nav class="md-nav" aria-label="Misc">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#optional-dmarc-statistics" class="md-nav__link">
Optional DMARC Statistics
</a>
</li>
<li class="md-nav__item">
<a href="#email-test-for-spf-dkim-and-dmarc" class="md-nav__link">
Email test for SPF, DKIM and DMARC:
</a>
</li>
<li class="md-nav__item">
<a href="#fully-qualified-domain-name-fqdn" class="md-nav__link">
Fully Qualified Domain Name (FQDN)
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_3" type="checkbox" id="__nav_3" >
<label class="md-nav__link" for="__nav_3" tabindex="0" aria-expanded="false">
Installation, Update & Migration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Installation, Update & Migration" data-md-level="1">
<label class="md-nav__title" for="__nav_3">
<span class="md-nav__icon md-icon"></span>
Installation, Update & Migration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_install/" class="md-nav__link">
Installation
</a>
</li>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_update/" class="md-nav__link">
Update
</a>
</li>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_migration/" class="md-nav__link">
Migration
</a>
</li>
<li class="md-nav__item">
<a href="../../i_u_m/i_u_m_deinstall/" class="md-nav__link">
Deinstallation
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_4" type="checkbox" id="__nav_4" >
<label class="md-nav__link" for="__nav_4" tabindex="0" aria-expanded="false">
Post Installation Tasks
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Post Installation Tasks" data-md-level="1">
<label class="md-nav__title" for="__nav_4">
<span class="md-nav__icon md-icon"></span>
Post Installation Tasks
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-ssl/" class="md-nav__link">
Advanced SSL
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-disable_ipv6/" class="md-nav__link">
Disable IPv6
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-dmarc_reporting/" class="md-nav__link">
DMARC Reporting
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-ip_bindings/" class="md-nav__link">
IP bindings
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-local_mta/" class="md-nav__link">
Local MTA on Docker host
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-logging/" class="md-nav__link">
Logging
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-rp/" class="md-nav__link">
Reverse Proxy
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-rspamd_ui/" class="md-nav__link">
Rspamd UI
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-snat/" class="md-nav__link">
SNAT
</a>
</li>
<li class="md-nav__item">
<a href="../../post_installation/firststeps-sync_jobs_migration/" class="md-nav__link">
Sync job migration
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_5" type="checkbox" id="__nav_5" >
<label class="md-nav__link" for="__nav_5" tabindex="0" aria-expanded="false">
Models
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Models" data-md-level="1">
<label class="md-nav__title" for="__nav_5">
<span class="md-nav__icon md-icon"></span>
Models
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../models/model-acl/" class="md-nav__link">
ACL
</a>
</li>
<li class="md-nav__item">
<a href="../../models/model-passwd/" class="md-nav__link">
Password hashing
</a>
</li>
<li class="md-nav__item">
<a href="../../models/model-sender_rcv/" class="md-nav__link">
Sender and receiver model
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_6" type="checkbox" id="__nav_6" >
<label class="md-nav__link" for="__nav_6" tabindex="0" aria-expanded="false">
General Troubleshooting
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="General Troubleshooting" data-md-level="1">
<label class="md-nav__title" for="__nav_6">
<span class="md-nav__icon md-icon"></span>
General Troubleshooting
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../troubleshooting/debug/" class="md-nav__link">
Introduction
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-admin_login_sogo/" class="md-nav__link">
Admin login to SOGo
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-rspamd_memory_leaks/" class="md-nav__link">
Advanced: Find memory leaks in Rspamd
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-attach_service/" class="md-nav__link">
Attach to a Container
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-common_problems/" class="md-nav__link">
Common Problems
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-logs/" class="md-nav__link">
Logs
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-mysql_upgrade/" class="md-nav__link">
Manual MySQL upgrade
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-mysql_aria/" class="md-nav__link">
Recover crashed Aria storage engine
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-rm_volumes/" class="md-nav__link">
Remove Persistent Data
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-reset_pw/" class="md-nav__link">
Reset Passwords (incl. SQL)
</a>
</li>
<li class="md-nav__item">
<a href="../../troubleshooting/debug-reset_tls/" class="md-nav__link">
Reset TLS certificates
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7" type="checkbox" id="__nav_7" >
<label class="md-nav__link" for="__nav_7" tabindex="0" aria-expanded="false">
Backup & Restore
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Backup & Restore" data-md-level="1">
<label class="md-nav__title" for="__nav_7">
<span class="md-nav__icon md-icon"></span>
Backup & Restore
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7_1" type="checkbox" id="__nav_7_1" >
<label class="md-nav__link" for="__nav_7_1" tabindex="0" aria-expanded="false">
Component backup & restore
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Component backup & restore" data-md-level="2">
<label class="md-nav__title" for="__nav_7_1">
<span class="md-nav__icon md-icon"></span>
Component backup & restore
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-backup/" class="md-nav__link">
Backup
</a>
</li>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-restore/" class="md-nav__link">
Restore
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-coldstandby/" class="md-nav__link">
Cold-standby (rolling backup)
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7_3" type="checkbox" id="__nav_7_3" >
<label class="md-nav__link" for="__nav_7_3" tabindex="0" aria-expanded="false">
Manual backups
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Manual backups" data-md-level="2">
<label class="md-nav__title" for="__nav_7_3">
<span class="md-nav__icon md-icon"></span>
Manual backups
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-backup_restore-maildir/" class="md-nav__link">
Maildir
</a>
</li>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-backup_restore-mysql/" class="md-nav__link">
MySQL (mysqldump)
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_7_4" type="checkbox" id="__nav_7_4" >
<label class="md-nav__link" for="__nav_7_4" tabindex="0" aria-expanded="false">
mailcow-internal backups
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="mailcow-internal backups" data-md-level="2">
<label class="md-nav__title" for="__nav_7_4">
<span class="md-nav__icon md-icon"></span>
mailcow-internal backups
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../backup_restore/b_n_r-accidental_deletion/" class="md-nav__link">
Recover accidentally deleted data
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8" type="checkbox" id="__nav_8" >
<label class="md-nav__link" for="__nav_8" tabindex="0" aria-expanded="false">
Manual/Guides/Examples
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Manual/Guides/Examples" data-md-level="1">
<label class="md-nav__title" for="__nav_8">
<span class="md-nav__icon md-icon"></span>
Manual/Guides/Examples
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_1" type="checkbox" id="__nav_8_1" >
<label class="md-nav__link" for="__nav_8_1" tabindex="0" aria-expanded="false">
mailcow UI
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="mailcow UI" data-md-level="2">
<label class="md-nav__title" for="__nav_8_1">
<span class="md-nav__icon md-icon"></span>
mailcow UI
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-bl_wl/" class="md-nav__link">
Blacklist / Whitelist
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-config/" class="md-nav__link">
Configuration
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-css/" class="md-nav__link">
CSS overrides
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-netfilter/" class="md-nav__link">
Netfilter
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-pushover/" class="md-nav__link">
Pushover
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-spamfilter/" class="md-nav__link">
Spamfilter
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-sub_addressing/" class="md-nav__link">
Sub-addressing
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-tags/" class="md-nav__link">
Tags (for Domains and Mailboxes)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-spamalias/" class="md-nav__link">
Temporary email aliases
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-tfa/" class="md-nav__link">
Two-Factor Authentication
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/mailcow-UI/u_e-mailcow_ui-fido/" class="md-nav__link">
WebAuthn / FIDO2
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_2" type="checkbox" id="__nav_8_2" >
<label class="md-nav__link" for="__nav_8_2" tabindex="0" aria-expanded="false">
Postfix
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Postfix" data-md-level="2">
<label class="md-nav__title" for="__nav_8_2">
<span class="md-nav__icon md-icon"></span>
Postfix
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-trust_networks/" class="md-nav__link">
Add trusted networks
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-custom_transport/" class="md-nav__link">
Custom transport maps
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-extra_cf/" class="md-nav__link">
Customize/Expand main.cf
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-disable_sender_verification/" class="md-nav__link">
Disable Sender Addresses Verification
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-attachment_size/" class="md-nav__link">
Max. message size (attachment size)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-relayhost/" class="md-nav__link">
Relayhosts
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-pflogsumm/" class="md-nav__link">
Statistics with pflogsumm
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Postfix/u_e-postfix-postscreen_whitelist/" class="md-nav__link">
Whitelist IP in Postscreen
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_3" type="checkbox" id="__nav_8_3" >
<label class="md-nav__link" for="__nav_8_3" tabindex="0" aria-expanded="false">
Unbound
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Unbound" data-md-level="2">
<label class="md-nav__title" for="__nav_8_3">
<span class="md-nav__icon md-icon"></span>
Unbound
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Unbound/u_e-unbound-fwd/" class="md-nav__link">
Using an external DNS service
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_4" type="checkbox" id="__nav_8_4" >
<label class="md-nav__link" for="__nav_8_4" tabindex="0" aria-expanded="false">
Dovecot
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Dovecot" data-md-level="2">
<label class="md-nav__title" for="__nav_8_4">
<span class="md-nav__icon md-icon"></span>
Dovecot
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-extra_conf/" class="md-nav__link">
Customize/Expand dovecot.conf
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-any_acl/" class="md-nav__link">
Enable "any" ACL settings
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-expunge/" class="md-nav__link">
Expunge a Users mails
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-fts/" class="md-nav__link">
FTS (Solr)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-idle_interval/" class="md-nav__link">
IMAP IDLE interval
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-mail-crypt/" class="md-nav__link">
Mail crypt
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-more/" class="md-nav__link">
More Examples with DOVEADM
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-vmail-volume/" class="md-nav__link">
Move Maildir (vmail)
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-public_folder/" class="md-nav__link">
Public folders
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-static_master/" class="md-nav__link">
Static master user
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Dovecot/u_e-dovecot-catchall_vacation/" class="md-nav__link">
Vacation replies for catchall addresses
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_5" type="checkbox" id="__nav_8_5" >
<label class="md-nav__link" for="__nav_8_5" tabindex="0" aria-expanded="false">
Nginx
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Nginx" data-md-level="2">
<label class="md-nav__title" for="__nav_8_5">
<span class="md-nav__icon md-icon"></span>
Nginx
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Nginx/u_e-nginx_webmail-site/" class="md-nav__link">
Create subdomain webmail.example.org
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Nginx/u_e-nginx_custom/" class="md-nav__link">
Custom sites
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_6" type="checkbox" id="__nav_8_6" >
<label class="md-nav__link" for="__nav_8_6" tabindex="0" aria-expanded="false">
Watchdog
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Watchdog" data-md-level="2">
<label class="md-nav__title" for="__nav_8_6">
<span class="md-nav__icon md-icon"></span>
Watchdog
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Watchdog/u_e-watchdog-thresholds/" class="md-nav__link">
Thresholds
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Redis/u_e-redis/" class="md-nav__link">
Redis
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/Rspamd/u_e-rspamd/" class="md-nav__link">
Rspamd
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_9" type="checkbox" id="__nav_8_9" >
<label class="md-nav__link" for="__nav_8_9" tabindex="0" aria-expanded="false">
ClamAV
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="ClamAV" data-md-level="2">
<label class="md-nav__title" for="__nav_8_9">
<span class="md-nav__icon md-icon"></span>
ClamAV
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/ClamAV/u_e-clamav-whitelist/" class="md-nav__link">
Whitelist
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/ClamAV/u_e-clamav-additional_dbs/" class="md-nav__link">
Additional Databases
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/SOGo/u_e-sogo/" class="md-nav__link">
SOGo
</a>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_8_11" type="checkbox" id="__nav_8_11" >
<label class="md-nav__link" for="__nav_8_11" tabindex="0" aria-expanded="false">
Docker
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Docker" data-md-level="2">
<label class="md-nav__title" for="__nav_8_11">
<span class="md-nav__icon md-icon"></span>
Docker
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../manual-guides/Docker/u_e-docker-cust_dockerfiles/" class="md-nav__link">
Customize Dockerfiles
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-why_unbound/" class="md-nav__link">
Why unbound?
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-autodiscover_config/" class="md-nav__link">
Autodiscover / Autoconfig
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-80_to_443/" class="md-nav__link">
Redirect HTTP to HTTPS
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-reeanble-weak-protocols/" class="md-nav__link">
Re-enable TLS 1.0 and TLS 1.1
</a>
</li>
<li class="md-nav__item">
<a href="../../manual-guides/u_e-update-hooks/" class="md-nav__link">
Run scripts before and after updates
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_9" type="checkbox" id="__nav_9" >
<label class="md-nav__link" for="__nav_9" tabindex="0" aria-expanded="false">
Client Configuration
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Client Configuration" data-md-level="1">
<label class="md-nav__title" for="__nav_9">
<span class="md-nav__icon md-icon"></span>
Client Configuration
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../client/client/" class="md-nav__link">
Overview
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-android/" class="md-nav__link">
Android
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-apple/" class="md-nav__link">
Apple macOS / iOS
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-emclient/" class="md-nav__link">
eM Client
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-kontact/" class="md-nav__link">
KDE Kontact
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-outlook/" class="md-nav__link">
Microsoft Outlook
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-thunderbird/" class="md-nav__link">
Mozilla Thunderbird
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-windows/" class="md-nav__link">
Windows Mail
</a>
</li>
<li class="md-nav__item">
<a href="../../client/client-manual/" class="md-nav__link">
Manual configuration
</a>
</li>
</ul>
</nav>
</li>
<li class="md-nav__item md-nav__item--nested">
<input class="md-nav__toggle md-toggle " data-md-toggle="__nav_10" type="checkbox" id="__nav_10" >
<label class="md-nav__link" for="__nav_10" tabindex="0" aria-expanded="false">
Third party apps
<span class="md-nav__icon md-icon"></span>
</label>
<nav class="md-nav" aria-label="Third party apps" data-md-level="1">
<label class="md-nav__title" for="__nav_10">
<span class="md-nav__icon md-icon"></span>
Third party apps
</label>
<ul class="md-nav__list" data-md-scrollfix>
<li class="md-nav__item">
<a href="../../third_party/borgmatic/third_party-borgmatic/" class="md-nav__link">
Borgmatic Backup
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/checkmk/u_e-checkmk/" class="md-nav__link">
CheckMK
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/exchange_onprem/third_party-exchange_onprem/" class="md-nav__link">
Exchange Hybrid Setup
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/gitea/third_party-gitea/" class="md-nav__link">
Gitea
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/gogs/third_party-gogs/" class="md-nav__link">
Gogs
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/mailman3/third_party-mailman3/" class="md-nav__link">
Mailman 3
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/mailpiler/third_party-mailpiler_integration/" class="md-nav__link">
Mailpiler Integration
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/nextcloud/third_party-nextcloud/" class="md-nav__link">
Nextcloud
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/portainer/third_party-portainer/" class="md-nav__link">
Portainer
</a>
</li>
<li class="md-nav__item">
<a href="../../third_party/roundcube/third_party-roundcube/" class="md-nav__link">
Roundcube
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-sidebar md-sidebar--secondary" data-md-component="sidebar" data-md-type="toc" >
<div class="md-sidebar__scrollwrap">
<div class="md-sidebar__inner">
<nav class="md-nav md-nav--secondary" aria-label="Table of contents">
<label class="md-nav__title" for="__toc">
<span class="md-nav__icon md-icon"></span>
Table of contents
</label>
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#references" class="md-nav__link">
References
</a>
</li>
<li class="md-nav__item">
<a href="#reverse-dns-of-your-ip-address" class="md-nav__link">
Reverse DNS of your IP address
</a>
</li>
<li class="md-nav__item">
<a href="#the-minimal-dns-configuration" class="md-nav__link">
The minimal DNS configuration
</a>
</li>
<li class="md-nav__item">
<a href="#dkim-spf-and-dmarc" class="md-nav__link">
DKIM, SPF and DMARC
</a>
</li>
<li class="md-nav__item">
<a href="#the-advanced-dns-configuration" class="md-nav__link">
The advanced DNS configuration
</a>
</li>
<li class="md-nav__item">
<a href="#testing" class="md-nav__link">
Testing
</a>
</li>
<li class="md-nav__item">
<a href="#misc" class="md-nav__link">
Misc
</a>
<nav class="md-nav" aria-label="Misc">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#optional-dmarc-statistics" class="md-nav__link">
Optional DMARC Statistics
</a>
</li>
<li class="md-nav__item">
<a href="#email-test-for-spf-dkim-and-dmarc" class="md-nav__link">
Email test for SPF, DKIM and DMARC:
</a>
</li>
<li class="md-nav__item">
<a href="#fully-qualified-domain-name-fqdn" class="md-nav__link">
Fully Qualified Domain Name (FQDN)
</a>
</li>
</ul>
</nav>
</li>
</ul>
</nav>
</div>
</div>
</div>
<div class="md-content" data-md-component="content">
<article class="md-content__inner md-typeset">
<h1>DNS setup</h1>
<p>Below you can find a list of <strong>recommended DNS records</strong>. While some are mandatory for a mail server (A, MX), others are recommended to build a good reputation score (TXT/SPF) or used for auto-configuration of mail clients (SRV).</p>
<h2 id="references">References<a class="headerlink" href="#references" title="Permanent link">&para;</a></h2>
<ul>
<li>A good article covering all relevant topics:
<a href="https://www.rackaid.com/blog/email-dns-records">"3 DNS Records Every Email Marketer Must Know"</a></li>
<li>Another great one, but Zimbra as an example platform:
<a href="https://wiki.zimbra.com/wiki/Best_Practices_on_Email_Protection:_SPF,_DKIM_and_DMARC">"Best Practices on Email Protection: SPF, DKIM and DMARC"</a></li>
<li>An in-depth discussion of SPF, DKIM and DMARC:
<a href="https://www.skelleton.net/2015/03/21/how-to-eliminate-spam-and-protect-your-name-with-dmarc/">"How to eliminate spam and protect your name with DMARC"</a></li>
<li>A thorough guide on understanding DMARC:
<a href="https://seanthegeek.net/459/demystifying-dmarc/">"Demystifying DMARC: A guide to preventing email spoofing"</a></li>
</ul>
<h2 id="reverse-dns-of-your-ip-address">Reverse DNS of your IP address<a class="headerlink" href="#reverse-dns-of-your-ip-address" title="Permanent link">&para;</a></h2>
<p>Make sure that the PTR record of your IP address matches the FQDN of your mailcow host: <code>${MAILCOW_HOSTNAME}</code> <sup id="fnref:1"><a class="footnote-ref" href="#fn:1">1</a></sup>. This record is usually set at the provider you leased the IP address (server) from.</p>
<h2 id="the-minimal-dns-configuration">The minimal DNS configuration<a class="headerlink" href="#the-minimal-dns-configuration" title="Permanent link">&para;</a></h2>
<p>This example shows you a set of records for one domain managed by mailcow. Each domain that is added to mailcow needs at least this set of records to function correctly.</p>
<div class="highlight"><pre><span></span><code># Name Type Value
mail IN A 1.2.3.4
autodiscover IN CNAME mail.example.org. (your ${MAILCOW_HOSTNAME})
autoconfig IN CNAME mail.example.org. (your ${MAILCOW_HOSTNAME})
@ IN MX 10 mail.example.org. (your ${MAILCOW_HOSTNAME})
</code></pre></div>
<p><strong>Note:</strong> The <code>mail</code> DNS record which binds the subdomain to the given ip address must only be set for the domain on which mailcow is running and that is used to access the web interface. For every other mailcow managed domain, the <code>MX</code> record will route the traffic.</p>
<h2 id="dkim-spf-and-dmarc">DKIM, SPF and DMARC<a class="headerlink" href="#dkim-spf-and-dmarc" title="Permanent link">&para;</a></h2>
<p>In the example DNS zone file snippet below, a simple <strong>SPF</strong> TXT record is used to only allow THIS server (the MX) to send mail for your domain. Every other server is disallowed but able to ("<code>~all</code>"). Please refer to <a href="http://www.open-spf.org/">SPF Project</a> for further reading.</p>
<div class="highlight"><pre><span></span><code># Name Type Value
@ IN TXT &quot;v=spf1 mx a -all&quot;
</code></pre></div>
<p>It is highly recommended to create a <strong>DKIM</strong> TXT record in your mailcow UI and set the corresponding TXT record in your DNS records. Please refer to <a href="http://www.opendkim.org">OpenDKIM</a> for further reading.</p>
<div class="highlight"><pre><span></span><code># Name Type Value
dkim._domainkey IN TXT &quot;v=DKIM1; k=rsa; t=s; s=email; p=...&quot;
</code></pre></div>
<p>The last step in protecting yourself and others is the implementation of a <strong>DMARC</strong> TXT record, for example by using the <a href="http://www.kitterman.com/dmarc/assistant.html">DMARC Assistant</a> (<a href="https://dmarcian.com/dmarc-inspector/google.com">check</a>).</p>
<div class="highlight"><pre><span></span><code># Name Type Value
_dmarc IN TXT &quot;v=DMARC1; p=reject; rua=mailto:mailauth-reports@example.org&quot;
</code></pre></div>
<h2 id="the-advanced-dns-configuration">The advanced DNS configuration<a class="headerlink" href="#the-advanced-dns-configuration" title="Permanent link">&para;</a></h2>
<p><strong>SRV</strong> records specify the server(s) for a specific protocol on your domain. If you want to explicitly announce a service as not provided, give "." as the target address (instead of "mail.example.org."). Please refer to <a href="https://tools.ietf.org/html/rfc2782">RFC 2782</a>.</p>
<div class="highlight"><pre><span></span><code># Name Type Priority Weight Port Value
_autodiscover._tcp IN SRV 0 1 443 mail.example.org. (your ${MAILCOW_HOSTNAME})
_caldavs._tcp IN SRV 0 1 443 mail.example.org. (your ${MAILCOW_HOSTNAME})
_caldavs._tcp IN TXT &quot;path=/SOGo/dav/&quot;
_carddavs._tcp IN SRV 0 1 443 mail.example.org. (your ${MAILCOW_HOSTNAME})
_carddavs._tcp IN TXT &quot;path=/SOGo/dav/&quot;
_imap._tcp IN SRV 0 1 143 mail.example.org. (your ${MAILCOW_HOSTNAME})
_imaps._tcp IN SRV 0 1 993 mail.example.org. (your ${MAILCOW_HOSTNAME})
_pop3._tcp IN SRV 0 1 110 mail.example.org. (your ${MAILCOW_HOSTNAME})
_pop3s._tcp IN SRV 0 1 995 mail.example.org. (your ${MAILCOW_HOSTNAME})
_sieve._tcp IN SRV 0 1 4190 mail.example.org. (your ${MAILCOW_HOSTNAME})
_smtps._tcp IN SRV 0 1 465 mail.example.org. (your ${MAILCOW_HOSTNAME})
_submission._tcp IN SRV 0 1 587 mail.example.org. (your ${MAILCOW_HOSTNAME})
</code></pre></div>
<h2 id="testing">Testing<a class="headerlink" href="#testing" title="Permanent link">&para;</a></h2>
<p>Here are some tools you can use to verify your DNS configuration:</p>
<ul>
<li><a href="https://mxtoolbox.com/SuperTool.aspx">MX Toolbox</a> (DNS, SMTP, RBL)</li>
<li><a href="https://www.port25.com/dkim-wizard/">port25.com</a> (DKIM, SPF)</li>
<li><a href="https://www.mail-tester.com/">Mail-tester</a> (DKIM, DMARC, SPF)</li>
<li><a href="https://www.dmarcanalyzer.com/spf/checker/">DMARC Analyzer</a> (DMARC, SPF)</li>
<li><a href="http://multirbl.valli.org/">MultiRBL.valli.org</a> (DNSBL, RBL, FCrDNS)</li>
</ul>
<h2 id="misc">Misc<a class="headerlink" href="#misc" title="Permanent link">&para;</a></h2>
<h3 id="optional-dmarc-statistics">Optional DMARC Statistics<a class="headerlink" href="#optional-dmarc-statistics" title="Permanent link">&para;</a></h3>
<p>If you are interested in statistics, you can additionally register with some of the many below DMARC statistic services - or self-host your own.</p>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p>It is worth considering that if you request DMARC statistic reports to your mailcow server and your mailcow server is not configured correctly to receive these reports, you may not get accurate and complete results. Please consider using an alternative email domain for receiving DMARC reports.</p>
</div>
<p>It is worth mentioning, that the following suggestions are not a comprehensive list of all services and tools available, but only a small few of the many choices.</p>
<ul>
<li><a href="https://gmail.com/postmaster">Postmaster Tool</a></li>
<li><a href="https://github.com/domainaware/parsedmarc">parsedmarc</a> (self-hosted)</li>
<li><a href="https://fraudmarc.com/">Fraudmarc</a></li>
<li><a href="https://dmarc.postmarkapp.com">Postmark</a></li>
<li><a href="https://dmarcian.com/">Dmarcian</a></li>
</ul>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
<p>These services may provide you with a TXT record you need to insert into your DNS records as the provider specifies. Please ensure you read the provider's documentation from the service you choose as this process may vary.</p>
</div>
<h3 id="email-test-for-spf-dkim-and-dmarc">Email test for SPF, DKIM and DMARC:<a class="headerlink" href="#email-test-for-spf-dkim-and-dmarc" title="Permanent link">&para;</a></h3>
<p>To run a rudimentary email authentication check, send a mail to <code>check-auth at verifier.port25.com</code> and wait for a reply. You will find a report similar to the following:</p>
<div class="highlight"><pre><span></span><code>==========================================================
Summary of Results
==========================================================
SPF check: pass
&quot;iprev&quot; check: pass
DKIM check: pass
DKIM check: pass
SpamAssassin check: ham
==========================================================
Details:
==========================================================
....
</code></pre></div>
<p>The full report will contain more technical details.</p>
<h3 id="fully-qualified-domain-name-fqdn">Fully Qualified Domain Name (FQDN)<a class="headerlink" href="#fully-qualified-domain-name-fqdn" title="Permanent link">&para;</a></h3>
<div class="footnote">
<hr />
<ol>
<li id="fn:1">
<p>A <strong>Fully Qualified Domain Name</strong> (<strong>FQDN</strong>) is the complete (absolute) domain name for a specific computer or host, on the Internet. The FQDN consists of at least three parts divided by a dot: the hostname, the domain name, and the Top Level Domain (<strong>TLD</strong> for short). In the example of <code>mx.mailcow.email</code> the hostname would be <code>mx</code>, the domain name <code>mailcow</code> and the TLD <code>email</code>.&#160;<a class="footnote-backref" href="#fnref:1" title="Jump back to footnote 1 in the text">&#8617;</a></p>
</li>
</ol>
</div>
<hr>
<div class="md-source-file">
<small>
Last update:
<span class="git-revision-date-localized-plugin git-revision-date-localized-plugin-iso_datetime">2022-05-20 17:31:36</span>
</small>
</div>
</article>
</div>
</div>
<a href="#" class="md-top md-icon" data-md-component="top" hidden>
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path d="M13 20h-2V8l-5.5 5.5-1.42-1.42L12 4.16l7.92 7.92-1.42 1.42L13 8v12Z"/></svg>
Back to top
</a>
</main>
<footer class="md-footer">
<div class="md-footer-meta md-typeset">
<div class="md-footer-meta__inner md-grid">
<div class="md-copyright">
<div class="md-copyright__highlight">
Copyright &copy; 2023 Servercow Team & Community
</div>
Made with
<a href="https://squidfunk.github.io/mkdocs-material/" target="_blank" rel="noopener">
Material for MkDocs
</a>
</div>
<div class="md-social">
<a href="https://mailcow.email" target="_blank" rel="noopener" title="mailcow.email" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M352 256c0 22.2-1.2 43.6-3.3 64H163.3c-2.2-20.4-3.3-41.8-3.3-64s1.2-43.6 3.3-64h185.4c2.2 20.4 3.3 41.8 3.3 64zm28.8-64h123.1c5.3 20.5 8.1 41.9 8.1 64s-2.8 43.5-8.1 64H380.8c2.1-20.6 3.2-42 3.2-64s-1.1-43.4-3.2-64zm112.6-32H376.7c-10-63.9-29.8-117.4-55.3-151.6 78.3 20.7 142 77.5 171.9 151.6zm-149.1 0H167.7c6.1-36.4 15.5-68.6 27-94.7 10.5-23.6 22.2-40.7 33.5-51.5C239.4 3.2 248.7 0 256 0s16.6 3.2 27.8 13.8c11.3 10.8 23 27.9 33.5 51.5 11.6 26 21 58.2 27 94.7zm-209 0H18.6c30-74.1 93.6-130.9 172-151.6-25.5 34.2-45.3 87.7-55.3 151.6zM8.1 192h123.1c-2.1 20.6-3.2 42-3.2 64s1.1 43.4 3.2 64H8.1C2.8 299.5 0 278.1 0 256s2.8-43.5 8.1-64zm186.6 254.6c-11.6-26-20.9-58.2-27-94.6h176.6c-6.1 36.4-15.5 68.6-27 94.6-10.5 23.6-22.2 40.7-33.5 51.5-11.2 10.7-20.5 13.9-27.8 13.9s-16.6-3.2-27.8-13.8c-11.3-10.8-23-27.9-33.5-51.5zM135.3 352c10 63.9 29.8 117.4 55.3 151.6-78.4-20.7-142-77.5-172-151.6h116.7zm358.1 0c-30 74.1-93.6 130.9-171.9 151.6 25.5-34.2 45.2-87.7 55.3-151.6h116.6z"/></svg>
</a>
<a href="https://github.com/mailcow" target="_blank" rel="noopener" title="github.com" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 480 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M186.1 328.7c0 20.9-10.9 55.1-36.7 55.1s-36.7-34.2-36.7-55.1 10.9-55.1 36.7-55.1 36.7 34.2 36.7 55.1zM480 278.2c0 31.9-3.2 65.7-17.5 95-37.9 76.6-142.1 74.8-216.7 74.8-75.8 0-186.2 2.7-225.6-74.8-14.6-29-20.2-63.1-20.2-95 0-41.9 13.9-81.5 41.5-113.6-5.2-15.8-7.7-32.4-7.7-48.8 0-21.5 4.9-32.3 14.6-51.8 45.3 0 74.3 9 108.8 36 29-6.9 58.8-10 88.7-10 27 0 54.2 2.9 80.4 9.2 34-26.7 63-35.2 107.8-35.2 9.8 19.5 14.6 30.3 14.6 51.8 0 16.4-2.6 32.7-7.7 48.2 27.5 32.4 39 72.3 39 114.2zm-64.3 50.5c0-43.9-26.7-82.6-73.5-82.6-18.9 0-37 3.4-56 6-14.9 2.3-29.8 3.2-45.1 3.2-15.2 0-30.1-.9-45.1-3.2-18.7-2.6-37-6-56-6-46.8 0-73.5 38.7-73.5 82.6 0 87.8 80.4 101.3 150.4 101.3h48.2c70.3 0 150.6-13.4 150.6-101.3zm-82.6-55.1c-25.8 0-36.7 34.2-36.7 55.1s10.9 55.1 36.7 55.1 36.7-34.2 36.7-55.1-10.9-55.1-36.7-55.1z"/></svg>
</a>
<a href="https://twitter.com/mailcow_email" target="_blank" rel="noopener" title="twitter.com" class="md-social__link">
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><!--! Font Awesome Free 6.2.1 by @fontawesome - https://fontawesome.com License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License) Copyright 2022 Fonticons, Inc.--><path d="M459.37 151.716c.325 4.548.325 9.097.325 13.645 0 138.72-105.583 298.558-298.558 298.558-59.452 0-114.68-17.219-161.137-47.106 8.447.974 16.568 1.299 25.34 1.299 49.055 0 94.213-16.568 130.274-44.832-46.132-.975-84.792-31.188-98.112-72.772 6.498.974 12.995 1.624 19.818 1.624 9.421 0 18.843-1.3 27.614-3.573-48.081-9.747-84.143-51.98-84.143-102.985v-1.299c13.969 7.797 30.214 12.67 47.431 13.319-28.264-18.843-46.781-51.005-46.781-87.391 0-19.492 5.197-37.36 14.294-52.954 51.655 63.675 129.3 105.258 216.365 109.807-1.624-7.797-2.599-15.918-2.599-24.04 0-57.828 46.782-104.934 104.934-104.934 30.213 0 57.502 12.67 76.67 33.137 23.715-4.548 46.456-13.32 66.599-25.34-7.798 24.366-24.366 44.833-46.132 57.827 21.117-2.273 41.584-8.122 60.426-16.243-14.292 20.791-32.161 39.308-52.628 54.253z"/></svg>
</a>
</div>
</div>
</div>
</footer>
</div>
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../..", "features": ["navigation.top", "navigation.tracking", "announce.dismiss"], "search": "../../assets/javascripts/workers/search.e5c33ebb.min.js", "translations": {"clipboard.copied": "Copied to clipboard", "clipboard.copy": "Copy to clipboard", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.placeholder": "Type to start searching", "search.result.term.missing": "Missing", "select.version": "Select version"}}</script>
<script src="../../assets/javascripts/bundle.ba449ae6.min.js"></script>
<script src="../../assets/javascripts/client.js"></script>
</body>
</html>