Answer the question
In order to leave comments, you need to log in
DNS records: can mail.site.com be routed to a different IP than the DKIM/SPF/DMARC records configured?
There is a VPS with an ISP Manager panel. The site is on the current server. DNS records of the domain right there. The records have a mail.site.com A-record set with a different IP value, because all mailboxes are contained there.
But I need to send email notifications from the site via php so that they do not fall into spam. Accordingly, I want to enter DKIM / SPF / DMARC records in the DNS of the current server. Is it possible when they are specified for the current server, but at the same time, the mail.site.com A-record leads to another IP?
I don’t really understand how it works, but I want to correctly enter a few lines of these myself.
Answer the question
In order to leave comments, you need to log in
It doesn't matter what hostname the mail server has (what it sends to SMTP HELO), the main thing is that the PTR record on the IP address points to the same domain.
SPF/DKIM/DMARC records must be for the domain from which you specify the address in the From field ([email protected] example.com ).
Good afternoon, yes of course. You can have a registrar in one place, a working DNS zone in another, where NS records will point, and where you will edit other DNS records, a website in a third place, and mail in a fourth. Accordingly, in the SPF record, you specify both sending sources, there can be several DKIM, in this case two, and configure DMARC, preferably with the ruf parameter, to receive notifications if the SPF or DMARC check did not work, for example,
v = DMARC1; p=quarantine; sp=quarantine; rua=mailto:[email protected]; pct=1; ruf=mailto:[email protected]; fo=1
As an option, in order not to keep mail on a separate hosting, you can transfer mailboxes with all the contents to a free and dimensionless Mail Ru for business
Read this article about setting up SMTP
https://7fk.ru/nastroyka-smtp/
The mail and SPF, DMARC, DKIM records must match and lead to the server that processes mail for the domain.
Will not match - you will have problems sending mail.
If you need to send mail from php, nothing prevents you from sending it using your mail server as a relay.
DKIM/SPF/DMARC records do not specify an IP address, only the domain and server name.
Examples of records in DNS server zones:
DKIM
_domainkey.example.com. TXT "t=s; o=~;"
mail._domainkey.example.com. TXT "k = rsa \; t = s \; p = MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQmO9AuWRbWPgl / jzDPQodrLfFLFqYYi6bCBnsTOCOJQrFbGgiR1C01j4zLw8XgG3rQ0WAaeg6Z / y39Ah7IONfs5gQuK6eGZMmYwIsZyz2dQoUDmDLCb1WygpkrqsCbyPw3SWGihM4iChOwo7Ovo2mTOWOf5ejeZcP2qqNb9nRMQIDAQAB"
Source.
SPF
example.org. IN TXT "v=spf1 +a +mx -all"
Source.
DMARC
_dmarc.domain.tld IN TXT "v=DMARC1; p=;"
or
_dmarc.domain.tld IN TXT "v=DMARC1; p=none; sp=none; rua=mailto:[email protected]"
Source.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question