Re: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
Sorry to be a pest...
The config docs at
http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install says
the following
Make dns entry:
BIND - in the your-domain.com zone file (see public.txt for the
private._domainkey.your-domain.com entry):
_domainkey.your-domain.com. IN TXT t=y; o=-
Note: This is putting it into test mode. If you are done testing, and want
to take it out of testing mode, change the above to reflect below.
_domainkey.your-domain.com. IN TXT o=-
Then also add this to your zone file:
private._domainkey.your-domain.com. IN TXT k=rsa; p=MEwwDQY . . . to
end of key
(NOTE QUOTATION MARKS MUST BE THERE)
- - - - - -
I can replace that with :
# yum install caching-nameserver
# service start named
# chkconfig named on
Then put
nameserver 127.0.0.1
as the first record in your /etc/resolv.conf file.
Add the A and MX records at my registrar and I'm done other than the testing
you suggest in the config docs.
Thanks again for all your support and guidance!
- - - - -
On Tue, Apr 26, 2011 at 2:30 PM, Eric Shubert e...@shubes.net wrote:
On 04/26/2011 02:08 PM, Scott Hughes wrote:
-Original Message-
From: Eric Shubert [mailto:e...@shubes.net]
Sent: Tuesday, April 26, 2011 4:01 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Re: using registrar's DNS instead of djbdns or
Bind
Just set up your authoritative DNS (A,MX) records at your registrar. QMT
doesn't need to know about that at all.
Then on QMT, simply:
# yum install caching-nameserver
# service start named
# chkconfig named on
Then put
nameserver 127.0.0.1
as the first record in your /etc/resolv.conf file.
That's all you need to do. Your QMT host doesn't give a hoot about
authoritative DNS. It'll get everything it needs from the recursor (aka
caching-nameserver).
Eric,
When I installed the caching-nameserver on my main QMT server I had to
edit
the config file so that it would forward lookups. I had to do this on the
new machine I just recently built as well.
Thanks,
Scott
That's a good thing to do, but it isn't required. I was a little lazy
writing the post. Plus, the upstream recursor you choose can vary depending
on you ISP or geographical location.
Here's what I'm presently using in my /etc/named.conf file:
//
// named.conf
//
options {
forward first;
forwarders {
205.171.3.25;
208.67.222.220;
205.171.2.25;
208.67.222.222;
};
};
logging {
category lame-servers { null; };
};
The 205.171.n.25 recursors are Qwest's, and the 208.67.222.220 (there are
others as well) are OpenDNS.
It's be really nice if someone would write up a wiki page. I'd be glad to
edit it. The existing DomainKeys page would be a good starting point. That
page is obsolete when it comes to the DomainKeys part (DKIM is replacing
DK), but I think the general DNS stuff there will continue to be valid.
Would someone care to do this?
--
-Eric 'shubes'
-
Qmailtoaster is sponsored by Vickers Consulting Group (
www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and
packages.
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
On 04/28/11 7:34, Keith Smith wrote: Sorry to be a pest... The config docs at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install says the following Make dns entry: BIND - in the your-domain.com http://your-domain.com zone file (see public.txt for the private._domainkey.your-domain.com http://domainkey.your-domain.com entry): _domainkey.your-domain.com http://domainkey.your-domain.com. IN TXT t=y; o=- Note: This is putting it into test mode. If you are done testing, and want to take it out of testing mode, change the above to reflect below. _domainkey.your-domain.com http://domainkey.your-domain.com. IN TXT o=- Then also add this to your zone file: private._domainkey.your-domain.com http://domainkey.your-domain.com. IN TXT k=rsa; p=MEwwDQY . . . to end of key (NOTE QUOTATION MARKS MUST BE THERE) - - - - - - I can replace that with : # yum install caching-nameserver # service start named # chkconfig named on Then put nameserver 127.0.0.1 as the first record in your /etc/resolv.conf file. Add the A and MX records at my registrar and I'm done other than the testing you suggest in the config docs. Thanks again for all your support and guidance! - - - - - Yes you may, go ahead. DNS Authoritative is optional on QMT BOX BUT DNS Cache is conditionally must have on QMT BOX if on your LAN don't have DNS Cache server see here where I put note regarding QMT-ISO install http://wiki.qmailtoaster.com/index.php/QMT-ISO_Manual_Guide#Add_DNS_server http://wiki.qmailtoaster.com/index.php/QMT-ISO_Manual_Guide#Configure_Bind
[qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
On 04/26/2011 05:37 AM, Keith Smith wrote: Hi, Thank you for your help with this question. I am doing an install of Qmail Toaster on CentOS 5.6 using the documentation located at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install This is a test run to learn so I can do this in a production environment. The docs say I need a DNS server. I am using my registrar's DNS. Do I still need Bind or djbdns? Thank you for your help! -- There are 2 roles which are involved with DNS, an Authoritative server and a Recursor. An Authoritative server answers queries about specific domains which it 'owns', while a Recursor, aka caching nameserver, answers queries about any host in general. The two roles are typically implemented on different hosts, which is generally considered to be a good practice. While they can be implemented on a single host, doing so is more complicated, and has inherent security risks. Your registrar's DNS will serve as the Authoritative DNS server for your domain(s). The inbound MTA portion of QMT (smtp) uses DNS quite a bit, so it's a good idea to have a caching nameserver installed on the QMT host. This minimizes network DNS traffic, although DNS packets (UDP) really don't use much in the way of network resources to begin with. I usually install the caching-nameserver package (or pdns-recursor), add nameserver 127.0.0.1 to the /etc/resolv.conf file, then forget about it. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
FWIW, I've been reading good things about PowerDNS. I've begun to use the pdns-recursor package instead of the caching-nameserver and bind packages. -- -Eric 'shubes' On 04/26/2011 06:51 AM, Maxwell Smart wrote: You can use either of those as a caching nameserver. This will speed up queries considerably. It's not necessary. On 04/26/2011 05:37 AM, Keith Smith wrote: Hi, Thank you for your help with this question. I am doing an install of Qmail Toaster on CentOS 5.6 using the documentation located at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install This is a test run to learn so I can do this in a production environment. The docs say I need a DNS server. I am using my registrar's DNS. Do I still need Bind or djbdns? Thank you for your help! -- Keith Smith Internet Marketing LLC (480) 272-9268 PHP Programming Services Search Engine Optimization - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
What if I just wanted to by pass Bind for now and setup an MX record at my registrar? Would I just update my /etc/resolv.conf file with nameserver IP-to-Registrar the IP being the IP that the Domain resolves to? I want to do this to prove everything is working then add Bind so I do not have too may things going at once. Thanks Again for your help! On Tue, Apr 26, 2011 at 7:01 AM, Eric Shubert e...@shubes.net wrote: On 04/26/2011 05:37 AM, Keith Smith wrote: Hi, Thank you for your help with this question. I am doing an install of Qmail Toaster on CentOS 5.6 using the documentation located at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install This is a test run to learn so I can do this in a production environment. The docs say I need a DNS server. I am using my registrar's DNS. Do I still need Bind or djbdns? Thank you for your help! -- There are 2 roles which are involved with DNS, an Authoritative server and a Recursor. An Authoritative server answers queries about specific domains which it 'owns', while a Recursor, aka caching nameserver, answers queries about any host in general. The two roles are typically implemented on different hosts, which is generally considered to be a good practice. While they can be implemented on a single host, doing so is more complicated, and has inherent security risks. Your registrar's DNS will serve as the Authoritative DNS server for your domain(s). The inbound MTA portion of QMT (smtp) uses DNS quite a bit, so it's a good idea to have a caching nameserver installed on the QMT host. This minimizes network DNS traffic, although DNS packets (UDP) really don't use much in the way of network resources to begin with. I usually install the caching-nameserver package (or pdns-recursor), add nameserver 127.0.0.1 to the /etc/resolv.conf file, then forget about it. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Keith Smith Internet Marketing LLC (480) 272-9268 PHP Programming Services Search Engine Optimization
[qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
Just set up your authoritative DNS (A,MX) records at your registrar. QMT doesn't need to know about that at all. Then on QMT, simply: # yum install caching-nameserver # service start named # chkconfig named on Then put nameserver 127.0.0.1 as the first record in your /etc/resolv.conf file. That's all you need to do. Your QMT host doesn't give a hoot about authoritative DNS. It'll get everything it needs from the recursor (aka caching-nameserver). -- -Eric 'shubes' On 04/26/2011 12:24 PM, Keith Smith wrote: What if I just wanted to by pass Bind for now and setup an MX record at my registrar? Would I just update my /etc/resolv.conf file with nameserver IP-to-Registrar the IP being the IP that the Domain resolves to? I want to do this to prove everything is working then add Bind so I do not have too may things going at once. Thanks Again for your help! On Tue, Apr 26, 2011 at 7:01 AM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 04/26/2011 05:37 AM, Keith Smith wrote: Hi, Thank you for your help with this question. I am doing an install of Qmail Toaster on CentOS 5.6 using the documentation located at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install This is a test run to learn so I can do this in a production environment. The docs say I need a DNS server. I am using my registrar's DNS. Do I still need Bind or djbdns? Thank you for your help! -- There are 2 roles which are involved with DNS, an Authoritative server and a Recursor. An Authoritative server answers queries about specific domains which it 'owns', while a Recursor, aka caching nameserver, answers queries about any host in general. The two roles are typically implemented on different hosts, which is generally considered to be a good practice. While they can be implemented on a single host, doing so is more complicated, and has inherent security risks. Your registrar's DNS will serve as the Authoritative DNS server for your domain(s). The inbound MTA portion of QMT (smtp) uses DNS quite a bit, so it's a good idea to have a caching nameserver installed on the QMT host. This minimizes network DNS traffic, although DNS packets (UDP) really don't use much in the way of network resources to begin with. I usually install the caching-nameserver package (or pdns-recursor), add nameserver 127.0.0.1 to the /etc/resolv.conf file, then forget about it. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com http://www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com http://qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com -- Keith Smith Internet Marketing LLC (480) 272-9268 PHP Programming Services Search Engine Optimization - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
-Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: Tuesday, April 26, 2011 4:01 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind Just set up your authoritative DNS (A,MX) records at your registrar. QMT doesn't need to know about that at all. Then on QMT, simply: # yum install caching-nameserver # service start named # chkconfig named on Then put nameserver 127.0.0.1 as the first record in your /etc/resolv.conf file. That's all you need to do. Your QMT host doesn't give a hoot about authoritative DNS. It'll get everything it needs from the recursor (aka caching-nameserver). -- -Eric 'shubes' On 04/26/2011 12:24 PM, Keith Smith wrote: What if I just wanted to by pass Bind for now and setup an MX record at my registrar? Would I just update my /etc/resolv.conf file with nameserver IP-to-Registrar the IP being the IP that the Domain resolves to? I want to do this to prove everything is working then add Bind so I do not have too may things going at once. Thanks Again for your help! On Tue, Apr 26, 2011 at 7:01 AM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 04/26/2011 05:37 AM, Keith Smith wrote: Hi, Thank you for your help with this question. I am doing an install of Qmail Toaster on CentOS 5.6 using the documentation located at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install This is a test run to learn so I can do this in a production environment. The docs say I need a DNS server. I am using my registrar's DNS. Do I still need Bind or djbdns? Thank you for your help! -- There are 2 roles which are involved with DNS, an Authoritative server and a Recursor. An Authoritative server answers queries about specific domains which it 'owns', while a Recursor, aka caching nameserver, answers queries about any host in general. The two roles are typically implemented on different hosts, which is generally considered to be a good practice. While they can be implemented on a single host, doing so is more complicated, and has inherent security risks. Your registrar's DNS will serve as the Authoritative DNS server for your domain(s). The inbound MTA portion of QMT (smtp) uses DNS quite a bit, so it's a good idea to have a caching nameserver installed on the QMT host. This minimizes network DNS traffic, although DNS packets (UDP) really don't use much in the way of network resources to begin with. I usually install the caching-nameserver package (or pdns-recursor), add nameserver 127.0.0.1 to the /etc/resolv.conf file, then forget about it. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com http://www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com http://qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com -- Keith Smith Internet Marketing LLC (480) 272-9268 PHP Programming Services Search Engine Optimization Eric, When I installed the caching-nameserver on my main QMT server I had to edit the config file so that it would forward lookups. I had to do this on the new machine I just recently built as well. Thanks, Scott - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
On 04/26/2011 02:08 PM, Scott Hughes wrote:
-Original Message-
From: Eric Shubert [mailto:e...@shubes.net]
Sent: Tuesday, April 26, 2011 4:01 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
Just set up your authoritative DNS (A,MX) records at your registrar. QMT
doesn't need to know about that at all.
Then on QMT, simply:
# yum install caching-nameserver
# service start named
# chkconfig named on
Then put
nameserver 127.0.0.1
as the first record in your /etc/resolv.conf file.
That's all you need to do. Your QMT host doesn't give a hoot about
authoritative DNS. It'll get everything it needs from the recursor (aka
caching-nameserver).
Eric,
When I installed the caching-nameserver on my main QMT server I had to edit
the config file so that it would forward lookups. I had to do this on the
new machine I just recently built as well.
Thanks,
Scott
That's a good thing to do, but it isn't required. I was a little lazy
writing the post. Plus, the upstream recursor you choose can vary
depending on you ISP or geographical location.
Here's what I'm presently using in my /etc/named.conf file:
//
// named.conf
//
options {
forward first;
forwarders {
205.171.3.25;
208.67.222.220;
205.171.2.25;
208.67.222.222;
};
};
logging {
category lame-servers { null; };
};
The 205.171.n.25 recursors are Qwest's, and the 208.67.222.220 (there
are others as well) are OpenDNS.
It's be really nice if someone would write up a wiki page. I'd be glad
to edit it. The existing DomainKeys page would be a good starting point.
That page is obsolete when it comes to the DomainKeys part (DKIM is
replacing DK), but I think the general DNS stuff there will continue to
be valid.
Would someone care to do this?
--
-Eric 'shubes'
-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Re: using registrar's DNS instead of djbdns or Bind
Thank you very much! On Tue, Apr 26, 2011 at 2:00 PM, Eric Shubert e...@shubes.net wrote: Just set up your authoritative DNS (A,MX) records at your registrar. QMT doesn't need to know about that at all. Then on QMT, simply: # yum install caching-nameserver # service start named # chkconfig named on Then put nameserver 127.0.0.1 as the first record in your /etc/resolv.conf file. That's all you need to do. Your QMT host doesn't give a hoot about authoritative DNS. It'll get everything it needs from the recursor (aka caching-nameserver). -- -Eric 'shubes' On 04/26/2011 12:24 PM, Keith Smith wrote: What if I just wanted to by pass Bind for now and setup an MX record at my registrar? Would I just update my /etc/resolv.conf file with nameserver IP-to-Registrar the IP being the IP that the Domain resolves to? I want to do this to prove everything is working then add Bind so I do not have too may things going at once. Thanks Again for your help! On Tue, Apr 26, 2011 at 7:01 AM, Eric Shubert e...@shubes.net mailto:e...@shubes.net wrote: On 04/26/2011 05:37 AM, Keith Smith wrote: Hi, Thank you for your help with this question. I am doing an install of Qmail Toaster on CentOS 5.6 using the documentation located at http://wiki.qmailtoaster.com/index.php/CentOS_5_QmailToaster_Install This is a test run to learn so I can do this in a production environment. The docs say I need a DNS server. I am using my registrar's DNS. Do I still need Bind or djbdns? Thank you for your help! -- There are 2 roles which are involved with DNS, an Authoritative server and a Recursor. An Authoritative server answers queries about specific domains which it 'owns', while a Recursor, aka caching nameserver, answers queries about any host in general. The two roles are typically implemented on different hosts, which is generally considered to be a good practice. While they can be implemented on a single host, doing so is more complicated, and has inherent security risks. Your registrar's DNS will serve as the Authoritative DNS server for your domain(s). The inbound MTA portion of QMT (smtp) uses DNS quite a bit, so it's a good idea to have a caching nameserver installed on the QMT host. This minimizes network DNS traffic, although DNS packets (UDP) really don't use much in the way of network resources to begin with. I usually install the caching-nameserver package (or pdns-recursor), add nameserver 127.0.0.1 to the /etc/resolv.conf file, then forget about it. -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com http://www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com http://qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com mailto:qmailtoaster-list-h...@qmailtoaster.com -- Keith Smith Internet Marketing LLC (480) 272-9268 PHP Programming Services Search Engine Optimization - Qmailtoaster is sponsored by Vickers Consulting Group ( www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com -- Keith Smith Internet Marketing LLC (480) 272-9268 PHP Programming Services Search Engine Optimization
