DNS and mail server

Discussion in 'Installation/Configuration' started by midcarolina, Jul 30, 2011.

  1. midcarolina

    midcarolina New Member


    Let me first tell you my system so you'll know what we're working with.
    Fedora 14 x86_64, 500GB Raid 5, 16GB Ram, Intel i5 Quadcore 3.2Ghz

    I am using Godaddy's DNS servers to point to the main domain of the server. Which is also (with subdomain) the server name, so webserver.example.com

    Everything works great for this site except a few things that have to be minor. The ISPConfig 3 "Monitor" indicates everything is fine. However, under "System State", I used to be able to view disk usage, cpu, everything. Now each of these give me ???.??.???.???

    Also I have set the mail up in numerous ways, none of which work. I've set up forwarding, you name it. No errors, just no mail? I don't have separate servers created for mail, dns, etc. They all use the main server.

    Last, instead of my clients using GoDaddy's name servers, I created ns1.example.com and ns2.example.com pointing to Google's global DNS. I ran a traceroute on the server using SSH according to Google's instructions, and the traceroute came back exactly as Google stated it should resolve. But they won't work nor are they recognized in a DNS search (i.e. ns1.example.com should resolve, but doesn't resolve anything).

    Oh, one note about mail. Do you know anything about [email protected]? That's what the mail tests say.

    Thanks in advance for all this mess!
  2. falko

    falko Super Moderator ISPConfig Developer

    Let's start with the mail part first. Any errors in your mail log?
  3. midcarolina

    midcarolina New Member

    Hi Falko,

    Ok, first let me say that this system is a bit more (or seems to be) in-depth than what I am used to, so I checked several things. It just seemed to be many logs and files associated with mail, so I wanted to be thorough. Here is what I did:

    I looked in /var/mail/ where I could see 'root' mail and client mail. Clients were completely empty. The root file didn't really show anything indicating any specific errors, just functions that had run. No warnings or indicators of any file path missing - nothing. So next,

    I looked in /var/log/mail/ Again, although I didn't know every detail of what I was viewing, I saw no errors or warnings, just functions or programs that had run.

    So, finally, since I remembered from the install that there were several items associated with mail (postfix, Getmail, squirrelmail, etc.) I viewed every single log file associated with any of these. Nothing really indicated any errors, only that a certain process had run at a given time, etc.

    I used the email forwarder to try and forward to a gmail account that I use (actually a Google App which I added my domain to - the webserver domain). That didn't help either. Are there any records I need to create in the Godaddy account? I have the A records pointing to my Public IP (the webserver) so it seems like "no" would be the answer. Do I need to create any MX records in ISPConfig?

  4. falko

    falko Super Moderator ISPConfig Developer

    You need to create MX records for your domains that point to your ISPConfig server. If you have created A records at GoDaddy, you must create the MX records there as well.
  5. midcarolina

    midcarolina New Member


    Ok, here is EXACTLY what I did, and email is working. However, I would like to not have every new WHM or end-user have to do this, so tell me if I am thinking correctly or not. I have been using Google Apps for my tlds for over a year now. At Godaddy, I added 4 MX records from Google (priority 10,20,30,40) all pointing to @, which points to my server's public IP.

    Now, back at ISPConfig, I made 4 mx records also. In your manual, using the debian based system, your example shows creating separate hosts for mail, db, server, etc. My system is not set-up this way. The only server running is webserver.example.com. So, I set this:

    imap.example.com >>> (pointing to) webserver.example.com
    pop.example.com >>> webserver.example.com
    smtp.example.com >>> webserver.example.com
    mail.example.com >>> webserver.example.com

    A couple of questions. Number one, are these settings (above) for ISPConfig correct? Again, mail is working. Number two, I am trying to keep my server and services "branded" if you will. In other words, can new domains now just point to my server in the MX records? That was what I was trying (and still am) to do with my nameservers. I guess what I am trying to say is that I want everything to run through my server, except one thing alone (which isn't really a server issue), and that is to be the actual domain registrar, like GoDaddy or Enom.

    I hope I am making sense. Thanks for all.
  6. falko

    falko Super Moderator ISPConfig Developer

    There is one thing you have to keep in mind - MX records must always point to A records, not to CNAME records. For example, if you have created an MX record for yourdomain.com that points to mail.yourdomain.com, and mail.yourdomain.com is a CNAME to webserver.yourdomain.com, this doesn't work! mail.yourdomain.com must be an A record that points to an IP.

    Did you check out this tutorial? http://www.howtoforge.com/how-to-ru...and-secondary-with-ispconfig-3-debian-squeeze
  7. midcarolina

    midcarolina New Member

    So, an MX record like mail.example.com pointing to webserver.example.com doesn't work? It seemed to me that the webserver was just a mask for the IP anyway, because webserver.example.com points to the IP, or not?
  8. falko

    falko Super Moderator ISPConfig Developer

  9. midcarolina

    midcarolina New Member

    Ok Falko, Two things

    I set the ISPConfig mx records like such:

    mail.example.com >> points to 192.168.1.XX
    smtp.example.com >> 192.168.1.XX
    pop.example.com >> 192.168.1.XX
    imap.example.com >> 192.168.1.XX

    The only way the mail works is if I use it outside of the one website on the server (before it is production). Example, when you said to set the MX records at the domain registrar, this allowed me to use Google Apps mail exchange network....working beautifully. But, if I go to the website (which is live) and test the contact us form (which I have used on other sites, so I know the form is set-up correctly and reliable) the mail is not routed to my inbox. So, making sense of it, this indicates to me that ISPConfig is still not set-up correctly (server-side & website), but the registrar MX is.

  10. Mark_NL

    Mark_NL Member

    You are now pointing your records to a local IP address.

    Keep the MX records at GoDaddy, and point them to the external ip address of your server.

    Does the webform send a mail straight to [email protected] ?

    Then open up the mail log (I think it's /var/log/maillog on Fedora) and tail it

    tail -f /var/log/maillog
    Then press send on the webform and see if you get new entries in your logfile.

    (Note: don't forget about dns cache, since you're editing dns records)
  11. midcarolina

    midcarolina New Member

    Thanks for the response. This is precisely how I have it set-up. The MX at GoDaddy goes to the public IP which port forwards to the internal IP. But my understanding was that ISPConfig's MX records had to be set-up so that the server recognizes ISPConf set-up at all. Does this make sense? What is messing me up is that I am dealing with the same domain with two DNS record areas. One at GoDaddy, and one for ISPConfig. Ultimately, my goal is to have Google's Global DNS IPs, and to run the system, and have GoDaddy ONLY handle the server's domain. I don't want to have clients setting up DNS, A, MX, or even TXT records at two places. I only want them to have to make their set-up via ISPConfig - the reason I am using this CP in the first place. Hopefully I am making sense. This is the result of the tail command you suggested, which honestly is greek to me.

    Aug 3 13:20:01 webserver dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:20:01 webserver dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:25:01 webserver dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:25:01 webserver dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:25:50 webserver clamd.amavisd[1942]: SelfCheck: Database status OK.
    Aug 3 13:30:01 webserver dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:30:01 webserver dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:35:01 webserver dovecot: pop3-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:35:01 webserver dovecot: imap-login: Disconnected (no auth attempts): rip=::1, lip=::1, secured
    Aug 3 13:35:50 webserver clamd.amavisd[1942]: SelfCheck: Database status OK.
  12. Mark_NL

    Mark_NL Member

    Nah greek is something completely different ;-)

    Anyway .. since it's a 15min tail, there's no mail arriving at your system.

    As far as I understand, you want clients to be able to manage their domains in the web admin of ISPConfig. Well, that's possible, BUT then you have to make that server authoritative for those domains. That means that your ISPConfig server is the one who is managing that domain and what that server contains is the correct setting.

    f.e. if you buy domain abc.com (ip: and run it as authoritative on your server i can add abc.com on my server as well but with another ip .. though when someone asks the ip for abc.com it will eventually ask YOUR dns server what the ip is, it won't ask mine, since you're authoritative.

    For now, GoDaddy is the authoritative server for your domains, so all requests for your domains will go to GoDaddy, not your ISPConfig server.

    I'm running multiple ispconfig3 servers that do mail only, i've 0 dns entries on those servers. I manage all domains and settings for it (mx,cname,txt,a,aaaa) on the nameservers.

    at GoDaddy say:

    example.com MX mail.example.com
    mail.example.com A <your public ip>

    in ispconfig you only have to create the mail domains and a mailbox .. no dns zones needed. ispconfig only needs to know which email domains are hosted on itself, nothing more.

    Now if i send a mail to [email protected] my server will check "who's authoritative?" .. godaddy .. It will get <your public ip> from godaddy and will contact the server at <your public ip> .. my server will say "yo, i got an email for [email protected]!" your server will check the email domain list for "example.com" and then if there's a username "user" attached to it .. if so, accept the mail et voila.

    So if you want all dns configuration to be done on the ispconfig server, make it authoritative, if that's possible at godaddy i don't know.
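
The two MX pitfalls raised in this thread (falko's point that an MX target must be an A record rather than a CNAME, and Mark_NL's point about records pointing at a local IP address) can be checked mechanically. The following is an added example, not part of any poster's message; the record text, the 203.0.113.25 documentation address and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample records (name, type, value...); not taken from the thread.
# 203.0.113.25 is a documentation address standing in for a public IP.
ZONE = """
example.com.            MX     10 mail.example.com.
mail.example.com.       CNAME  webserver.example.com.
webserver.example.com.  A      203.0.113.25
example.net.            MX     10 mail.example.net.
mail.example.net.       A      192.168.1.20
example.org.            MX     10 webserver.example.com.
"""

# Ranges a remote mail server cannot reach: RFC 1918, loopback, link-local.
UNREACHABLE = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

def parse_zone(text):
    """Return {name: [(rtype, [value fields]), ...]} from simple record lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) >= 3:
            records.setdefault(fields[0].lower(), []).append(
                (fields[1].upper(), fields[2:]))
    return records

def check_mx(records):
    """Return {domain: [problems]} for every name that owns an MX record."""
    report = {}
    for name, rrs in records.items():
        for rtype, value in rrs:
            if rtype != "MX":
                continue
            target = value[-1].lower()
            problems = report.setdefault(name, [])
            target_rrs = records.get(target, [])
            if any(t == "CNAME" for t, _ in target_rrs):
                problems.append(f"{target} is a CNAME, not an A record")
                continue
            addrs = [v[0] for t, v in target_rrs if t == "A"]
            if not addrs:
                problems.append(f"{target} has no A record")
            for addr in addrs:
                if any(ipaddress.ip_address(addr) in net for net in UNREACHABLE):
                    problems.append(f"{target} -> {addr} is not publicly reachable")
    return report

for domain, problems in check_mx(parse_zone(ZONE)).items():
    print(domain, "OK" if not problems else "; ".join(problems))
```

The check runs against whichever record set is actually authoritative for the domain; records that exist only in a zone nobody queries do not affect delivery.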
