DNS Configuration

Axigen Documentation

Since Axigen is an email server, a typical setup involves a number of DNS configurations. 

Here's a quick summary of the DNS records that you need to set up for each domain.

FQDN (Fully Qualified Domain Name) A record

This is the address used to reach the mail server

mail            IN      A        86.122.151.69
mail            IN      AAAA     2001:db8::1

MX (Mail Exchanger) record

Specifies the mail server responsible for accepting email messages on behalf of a domain name

                IN      MX      10 mail.domain.tld.
                IN      MX      20 mail2.domain.tld.

PTR record (Reverse DNS record)

Usually set by the Internet Service Provider and is used as an AntiSpam method

69.151.122.86.in-addr.arpa.							IN      PTR             mail.domain.tld.
1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa.	IN      PTR             mail.domain.tld.

SPF (Sender Policy Framework) record

SPF is an email authentication method designed to detect email spoofing. It allows the receiving party to check that an email from a specific domain comes from an IP address authorized by the owner of that domain, by looking up the list of authorized hosts and IP addresses for that domain in the DNS. 

                IN      TXT      "v=spf1 mx a ip4:86.122.151.69 ip6:2001:db8::1 -all"

DKIM (DomainKeys Identified Mail) record

DKIM is an email authentication method designed to detect email spoofing. It allows the receiving party to check that an email from a specific domain is actually authorized by the owner of that domain, by looking up the sender's public key in the DNS.

2018._domainkey	        IN      TXT     ("k=rsa; p=MIIBIjANBgkqX2zhG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nPCybJo1J6WhxzVcfhQ"
                                                   "Ze0CYypJL9fUSnw3J4oyWhEO9P2MI53Z764ITmE5hEFZTb4Tqx/zuqii5bCB/QSD"
                                                   "IZDgXrRI9Fvs8xgWfEl5/jObP2MI53HkyrImIMfmy41nE+QTADMtpZkfif3eMfh3"
                                                   "iiClocYkI3Y0I5Qqwc4T/5Uic082AAy0IFt3m78EybnQFOkV7+/PLjpJkduDzgTl"
                                                   "/K6l/AJsxBgreisus0L1148fqilVlTPWWwVGSX2zh1dN6X5RT/hlYrQVaHMQEkk+"
                                                   "PeK4bUh999SYJ3QvFBQ7PZ6TUJ/w4fjWigYGNdPe8IhnxQvle3SrtiSQkb0fwnwz"
                                                   "TwIDAQAB")

The "p" value need to be split to 256 characters per line.

Here's an example on how to generate this on Linux, using your existing public key:

 

More info on how to set up DKIM

DMARC

_dmarc             IN      TXT      "v=DMARC1; p=reject; rua=mailto:postmaster@domain.tld, mailto:dmarc@domain.tld”
In our example, if a message claims to be from domain.tld and fails the DMARC checks, it gets rejected all the time, and the daily aggregate reports are emailed to postmaster@domain.tld and dmarc@domain.tld.

Auto-discovery

ActiveSync / Outlook / eM Client (autodiscover) and Thunderbird (autoconfig)

DNS based auto-discovery

_imap._tcp       IN      SRV     10      0       143      mail.domain.tld.
_imaps._tcp      IN      SRV      5      0       993      mail.domain.tld.
_pop3._tcp       IN      SRV     20      0       110      mail.domain.tld.
_pop3s._tcp      IN      SRV     15      0       995      mail.domain.tld.
_submission._tcp IN      SRV     10      0       587      mail.domain.tld.
_caldav._tcp     IN      SRV     10      0       80       mail.domain.tld.
_caldavs._tcp    IN      SRV      5      0       443      mail.domain.tld.
_carddav._tcp    IN      SRV     10      0       80       mail.domain.tld.
_carddavs._tcp   IN      SRV      5      0       443      mail.domain.tld.

Setting up a hostname for each Axigen service

webadmin           IN      CNAME       mail.domain.tld.
pop3               IN      CNAME       mail.domain.tld.
imap               IN      CNAME       mail.domain.tld.
smtp               IN      CNAME       mail.domain.tld.

 

 

For simplicity purposes, the examples above use the same hostname for all services — mail.domain.tld.

If needed, you can as well set up different hostnames — e.g. imap.domain.tld, smtp.domain.tld, pop.domain.tld, webmail.domain.tld, etc.

Please note that in order to use different hostnames you will need either an SSL certificate for each hostname, or SAN (Subject Alternative Name) certificates that cover all your hostnames.

 


 

To get more detailed information on DNS and auto-discovery configuration in Axigen, please see: