Creating DNS records and receiving emails via Postfix
So far in this series of articles, you have prepared the cloud server to be a mail server, installed Postfix, and performed some basic configuration in the Postfix main.cf file. With that preparation, you can send mail and know that the system works as expected.
To move on to receiving emails, you need to create the correct DNS records and open port 25 in your iptables firewall. This article explains how to complete these tasks.
Note: This article assumes that you are using a single domain. The examples in these articles use the democloud.com domain. Be sure to replace that with your main domain.
This section describes what DNS records you need to create and how to verify their creation.
Create A and MX records
Keeping with traditional naming conventions, you need a subdomain (in this example, mail, resulting in mail.democloud.com) and an MX record for the domain that points to that subdomain.
You can have multiple MX records and multiple mail servers for your mail. A request determines which one to use based on the priority number. The lower the number, the higher the priority.
This example uses 10 as the priority number. That allows for setting up another mail server in the future with a higher MX priority number (such as 0).
See the following article for details about how to add the records to the DNS page in the Cloud Control Panel: Create DNS Records for cloud servers with the Control Panel.
Verify with dig
After you create the DNS records, you can check them on the name server itself by using the
To check that the mail subdomain is correctly entered on the Cloud Servers name server, use the following command:
dig mail.democloud.com @dns1.stabletransit.com
The verification should look as follows:
;; ANSWER SECTION: mail.democloud.com. 86400 IN A 22.214.171.124
To check the MX record for the democloud.com domain, use the following command:
dig democloud.com mx @dns1.stabletransit.com
The answer should look as follows:
;; ANSWER SECTION: democloud.com. 86400 IN MX 10 mail.democloud.com.
When you set up the cloud server, you created a simple firewall using an iptables script (see the server setup article for details).The common port for receiving mail is port 25 and the basic setup didn't have that port open. So, if you tried to send mail to the domain, you would get an notification that the mail is undeliverable.
Open port 25 in the iptables firewall
- Using the same files from the server setup article, open the iptables test file, as follows:
sudo nano /etc/iptables.test.rules
- To open port 25, add the following lines just after the
Allows all outbound trafficentry:
# Allows postfix to accept incoming connections -A INPUT -p tcp --dport 25 -j ACCEPT
Note: The line starting with # is not required, but commenting a file makes administration at a later date easier.
- After you have updated and saved the file, make the new rule set active, as follows:
sudo iptables-restore < /etc/iptables.test.rules
- The port is now open, but you should verify it as follows:
sudo iptables -L
The following new line is included in the output:
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp
Now SMTP connections can be accepted.
- To save the final configuration to the script that is executed on a restart, you need to be root rather than just using sudo, so run the following command:
- Run the
savecommand as follows:
iptables-save > /etc/iptables.up.rules
- After you are done, exit root:
Now the correct port is open in your iptables firewall.
You have set up the server to receive mail for your domain.
Where to go from here
The next article shows how to use the Telnet package to conduct some final tests on the setup to ensure that Postfix is sending the correct identification details. It also describes checking the email from the command line.
Carry on the conversation in the Rackspace Community.
© 2015 Rackspace US, Inc.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License
See license specifics and DISCLAIMER