Hello, i have my server working now, i can send and receive email, i have 2 diferents domains working for the tests (i need to add like 20 domains for the production stage), a web with database, everything works fine with the exception that the DNS i set in the zone for one of those domains are not refreshing. hostbaires.net is also the same name of my server, the DNS of this one works fine. istorepos.com.mx is the one that the DNS are not refreshing. I've got it running on Debian 9, i've use the perfect-server-debian-9-stretch-apache-bind-dovecot-ispconfig-3 For istorepos.com.mx in the zone i've got a dmarc record with the following values: Code: v=DMARC1;p=quarantine;sp=quarantine;pct=100;adkim=r;aspf=r;rua=mailto:[email protected];ruf=mailto:[email protected];rf=afrf;ri=86400;fo=0 But if i use different tools to check the dmarc record i've got the original values of the first one i crate for tests: Code: v=DMARC1;p=none;sp=none;pct=100;adkim=r;aspf=r;rua=mailto:[email protected];rf=afrf;ri=86400;fo=1 Also i set a reverse zone for my server, following this tutorial: https://www.howtoforge.com/tutorial...vice-with-ispconfig/#nbspreverse-name-service But in some tools on the web i've got a warning message for both of my domains. smtp mail.hostbaires.net Reverse DNS is not a valid Hostname smtp mail.istorepos.com.mx Reverse DNS is not a valid Hostname I'm brand new in this matters, and i'm sure i've done a lot of things wrong, so if you can point me in the right direction i will appreciate a lot the help, also if you need the informations of some logs please tell me.
How long did you wait? DNS updates may take up to 24 hours until caching name servers have read your new values. You can check which config your local server has for a given zone by looking at the BIND zone configuration file which is in /etc/bind/ directory. You should also check if there are any files with .err file ending there as this means that BIND rejected the config for that zone due to errors. In most cases the reverse record of your IP is not set on your server, it is set in the DNS server of the datacenter which assigned you the IP. Contact the support of the datacenter where you host the server and ask them where the reverse record for the Ip needs to be set.
Hi Till, thank you so much for your response, let me response: The changes i was speaking about i did it on Saturday Night. About the error file effectively i've got one with this values: File name pri.istorepos.com.mx.err Code: $TTL 3600 @ IN SOA ns1.istorepos.com.mx. soporte.bairesagency.com. ( 2019072905 ; serial, todays date + todays serial # 7200 ; refresh, seconds 540 ; retry, seconds 1309600 ; expire, seconds 3600 ) ; minimum, seconds ; ftp 3600 A 70.35.205.116 istorepos.com.mx. 3600 A 70.35.205.116 mail 3600 A 70.35.205.116 webmail.istorepos.com.mx. 3600 A 70.35.205.116 www 3600 A 70.35.205.116 istorepos.com.mx. 3600 MX 10 mail.istorepos.com.mx. istorepos.com.mx. 3600 NS ns1.istorepos.com.mx. istorepos.com.mx. 3600 NS ns2.istorepos.com.mx. default._domainkey.istorepos.com.mx. 3600 TXT "v=DKIM1; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnH3r5h2U/q9ygpROoFXGQ/kJa8emPqWBoYIG+vXpSlEXjVnI$ istorepos.com.mx. 3600 TXT "v=spf1 mx a:mail.istorepos.com.mx include:hostbaires.net ip4:70.35.205.116 ~all" _dmarc.istorepos.com.mx. 3600 TXT "v=DMARC1;p=quarantine;sp=quarantine;pct=100;adkim=r;aspf=r;rua=mailto:[email protected];ruf=mailto:[email protected];rf=afrf;ri=86400;fo=0" The problems is that i'm not able to see where is the error.. About the second part of your message: That's true and in the panel of my datacenter I can set the reverse for the IP, by adding the domain name, in my case i add hostbaires.net for example if i check my domain with https://intodns.com/ in the MX section I've got: Your reverse (PTR) record: 116.205.35.70.in-addr.arpa -> hostbaires.net You have reverse (PTR) records for all your IPs, that is a good thing. But with others tools i've got a warning message that said, that for the mail.domain1.net, or mail.domain2.com.mx has a "Reverse DNS is not a valid Hostname" And i saw that someone set a PTR record inside of the zone, like this: (I've change their values for mine) Name: 116.205.35.70.in-addr.arpa. Canonical Hostname: hostnaires.net TTL:3600 But also for what i've read, i understand that you can only set the reverse only for one domain, so how this will work with the multi domains i'm going to have to host?, because every domain is going to have their own mx record pointing to their own domain, acording to the tamplate: MX|{DOMAIN}.|mail.{DOMAIN}.|10|3600 This is a little bit confusing to me yet. or i have to change this so all the domains will have my main domain values?
Use the command named-checkzone to get the detailed error message. The most common mistake is that you used NS records for this zone which are subdomains of the same zone and in this case, you must add them as A-Records as well. If the A-Records are missing, then BIND will not load the zome. This is a special case and applies only for the case that the NS of a zone points to itself. But named-checkzone will tell you the reason in detail. That's ok, otherwise we would not use that as the default template, the MX is not the PTR. What you have to do is to set the PTR to the hostname of the server and the hostname of the server must exist as DNA A-Record, that's all.
Hi Till, you were absolutely right, the problems are the NS record of the Zone, as you can see: Code: root@server1:/etc/bind# named-checkzone istorepos.com.mx /etc/bind/pri.istorepos.com.mx.err zone istorepos.com.mx/IN: NS 'ns1.istorepos.com.mx' has no address records (A or AAAA) zone istorepos.com.mx/IN: NS 'ns2.istorepos.com.mx' has no address records (A or AAAA) zone istorepos.com.mx/IN: not loaded due to errors. But this is set like this because of the template of the zone: Code: NS|{DOMAIN}.|{NS1}.|0|3600 NS|{DOMAIN}.|{NS2}.|0|3600 So I assume that i should change that so the NS record of all the domains i will host use the NS records of my main domain, also this DNS records are the same to be set on the domain provider, like mydomain.com o akky.net, etc., as a note in my main domain i have set the A records for the NS records. But this let me with a doubt, about the SOA in the template is set like this: Code: [ZONE] origin={DOMAIN}. ns={NS1}. mbox={EMAIL}. refresh=7200 retry=540 expire=1309600 minimum=3600 ttl=3600 For the NS instead of {NS1}, souldn't be set also with my main domain? ns1.hostbaires.net Or I getting everything wrong? About the second part of your message: I'm not quite getting what you mean with "must exist as DNA A-Record", could you gave me an example?
The DNS template is fine, the nameserver name that you enter there is up to you and you normally use the hostname of the DNS server here. It is a special case when you use a subdomain of the zone itself as dns server and in this special case, you must addns1 and ns2 as A-Records to. If you always want to use the subdomain of the zone itself, then you can extend the template of course so that A records for the ns records get added automatically. How does DNS work: The NS record tells the client on which DNS server the zone is, so when you enter ns1.domain.tld there, then the client tries to resolve ns1.domain.tld to be able to query the server. But how shall he be able to do that when there is no A-Record where he can get the IP from. And that's what BIND complains about.
