Score:0

Mail server running on a subdomain - how could email acceptance by other servers be influenced by DNS records for different IPs?


I started to run a self-hosted mail server which I want to be reachable via a subdomain only. I have an A record for mail.sub.domain.tld and an MX record for sub.domain.tld /edit: which points to mail.sub.domain.tld. (I also set up SPF, DKIM and DMARC TXT records for sub.domain.tld, dkim._domainkey.sub.domain.tld and _dmarc.sub.domain.tld respectively.)

I have a couple of servers which I want to use with the domain. Could it be a problem for the acceptance of my email by other servers if the A record for sub.domain.tld points to a different IP than mail.sub.domain.tld?

What about if the same is true for domain.tld and foo.sub.domain.tld? I think at least the last one should be possible but I'm not super-confident in my understanding of DNS in general.

Score:3

That should be fine. As long as the records relating to email match up in both directions, you can have other DNS records pointing to different IP addresses all you want.

For instance quite a common scenario would be to have inbound email delivered to mail.sub.domain.tld on one IP address, and a website hosted on a different server/IP address pointing to www.sub.domain.tld and sub.domain.tld.

Obviously if you're sending from the mail.sub.domain.tld IP(s), and also have the website sending emails (for instance contact forms), then you'd need to ensure that both of them are included in your SPF record, so receiving servers see both as valid email sources.

The same is true for domain.tld, as you'd have separate MX / A / SPF records for that domain level, so they wouldn't impact each other. For instance mail.sub.domain.tld and mail.domain.tld could have completely different setups and DNS records without negatively interacting with each other.

If a receiving server got an email from an @sub.domain.tld address it will specifically look in sub.domain.tld for an SPF record, not in the root domain.tld domain that could be configured with completely different details.

cssdev:
Thanks! I think I get it. What still feels a bit strange to me is that all my email is coming from `@sub.domain.tld` while the actual mail server which connects with the recipient server might have a completely different IP compared to the result of a DNS query for (the A record of) `sub.domain.tld`. But making that possible just seems to be the purpose of the MX record in the first place.
Keith Langmead:
Yep, the server receiving email, the one sending email, and the one users connect to access email can if needed be completely different servers with different IP addresses, but obviously for things like SPF records it's only the sending one that needs inclusion. You see that quite often where spam screening is in place, e.g. the MX points to the screening servers, not the mail server that eventually receives them and from where the emails are sent.
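
The point made in the answer and comments above, as an added example that is not part of the original thread: a simplified SPF check (only the `ip4`, `a`, `mx` and `all` mechanisms) run over a constructed zone. The IP addresses are documentation ranges and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed zone (documentation IP ranges), not the asker's real records.
ZONE = {
    ("domain.tld", "A"): ["203.0.113.5"],
    ("domain.tld", "TXT"): ["v=spf1 ip4:203.0.113.5 -all"],
    ("sub.domain.tld", "A"): ["198.51.100.20"],       # web server
    ("sub.domain.tld", "MX"): ["mail.sub.domain.tld"],
    ("mail.sub.domain.tld", "A"): ["192.0.2.10"],     # mail server
    ("sub.domain.tld", "TXT"): ["v=spf1 mx -all"],
}
# Same zone, but the web server (contact forms) is also an allowed sender.
ZONE_WITH_WEB = {**ZONE, ("sub.domain.tld", "TXT"): ["v=spf1 mx a -all"]}

def lookup(name, rtype, zone):
    return zone.get((name, rtype), [])

def spf_result(mail_from, client_ip, zone=ZONE):
    """Evaluate SPF for the envelope sender's domain only (simplified)."""
    domain = mail_from.rsplit("@", 1)[1]
    records = [t for t in lookup(domain, "TXT", zone) if t.startswith("v=spf1")]
    if len(records) != 1:
        return "none" if not records else "permerror"
    ip = ipaddress.ip_address(client_ip)
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in "+-~?" else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            hit = True
        elif mech.startswith("ip4:"):
            hit = ip in ipaddress.ip_network(mech[4:], strict=False)
        elif mech == "a":
            hit = client_ip in lookup(domain, "A", zone)
        elif mech == "mx":
            hit = any(client_ip in lookup(host, "A", zone)
                      for host in lookup(domain, "MX", zone))
        else:
            continue  # include, exists, etc. are outside this sketch
        if hit:
            return {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}[qualifier]
    return "neutral"

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.20", "203.0.113.5"):
        print(ip, spf_result("user@sub.domain.tld", ip),
              spf_result("user@sub.domain.tld", ip, ZONE_WITH_WEB))
```

The A record of sub.domain.tld only matters to SPF when the policy names it with the `a` mechanism, and the record at domain.tld is never consulted for mail from sub.domain.tld.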