Hi On 2021-07-05 12:46 p.m., Greg Wooledge wrote: > On Mon, Jul 05, 2021 at 10:32:27AM -0400, Polyna-Maude Racicot-Summerside wrote: >> This is a copy of the dump of my domain name config for CYRANIA.COM >> >> -------START >> > [snip] > >> cyrania.com. 1 IN A 162.213.253.79 > >> ;; MX Records >> cyrania.com. 1 IN MX 0 mail.cyrania.com. > >> cyrania.com. 1 IN TXT "v=spf1 +ip4:162.213.253.79 >> +include:spf.web-hosting.com +ip4:198.54.120.203 ~all" > > These are not the publically visible DNS records for your domain. > > > unicorn:~$ host cyrania.com. > cyrania.com has address 104.21.59.235 > cyrania.com has address 172.67.185.109 > cyrania.com has IPv6 address 2606:4700:3031::6815:3beb > cyrania.com has IPv6 address 2606:4700:3031::ac43:b96d > cyrania.com mail is handled by 0 _dc-mx.f1202d9a4fb3.cyrania.com. > > unicorn:~$ host -t mx cyrania.com. > cyrania.com mail is handled by 0 _dc-mx.f1202d9a4fb3.cyrania.com. > > unicorn:~$ host -t txt cyrania.com. > cyrania.com descriptive text "v=spf1 +ip4:162.213.253.79 +include:spf.web-hosting.com +include:premium58.web-hosting.com +ip4:198.54.120.203 ~all" > > > The SPF record is pretty close, but the others are nowhere near. > > It's also particularly disturbing that your MX record contains an > underscore. I've been led to believe that's disallowed in hostnames. > Attempting to resolve it gives me this error: > The file I published here was a dump done by Cloudflare some time ago. Maybe I've modified the records since but I doubt it. > unicorn:~$ host _dc-mx.f1202d9a4fb3.cyrania.com. > _dc-mx.f1202d9a4fb3.cyrania.com has address 162.213.253.79 > Host _dc-mx.f1202d9a4fb3.cyrania.com not found: 3(NXDOMAIN) > What you wrote (dc-mx) is not a underscore. Also, I don't think I have such record in my domain (dc-mx) sounds to me like a Microsoft thing (DC = Domain Controler, MX = Mail Exchange). I only have a mail. and a MX record. > Whether that's because of the underscore is unclear to me. > > In any case, you're going to want to find out why your publically visible > DNS records don't match what you thought they should be. > Thanks, yes there's some part that may be different because some of them are "proxied" by Cloudflare. So if a request is made to Cloudflare DNS server, they'll give their own server DNS and this will be followed to my server. Cloudlfare offer in their free tier a service that will cache your web pages and offer a fast service because they own many server closer to the user (edge type service). The problem is that the free tier is limited and seems to have limitation that prevent some type of use. This is one of the reason that pushes me to disable the Cloudflare on my mail domain name. Anyway, I don't have a website on those domain and Namecheap is responsible of their own security so no need for acceleration or DDOS on my side. I'll let know when I did finish changing from Cloudflare to the standard name management (DNS) offered by Namecheap. I'll see if this fix part of my problem (like getting 5 DMARC email for every email I respond on the list). Thanks, Sincerely, -- Polyna-Maude R.-Summerside -Be smart, Be wise, Support opensource development
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature