Could someone explain the preferable DNS configuration

Hi,
I absolutely love mail-in-a-box; it’s simple yet very powerful, encompassing more than the average mail server’s functionality. One of these is the DNS configuration for domains.
I’ve tried a few different ways of configuring DNS on several domains, but no matter what I do I always seem to have some red error in the status checks.

As per the instructions I added glue records to my MIAB domain.
I also configured the backup nameservers (digital ocean).

I set the nameservers of a website I’m hosting to those glue records.

When I add a new domain to MIAB I always have this error.

Secondary nameserver ns1.digitalocean.com is not configured correctly. (It resolved this domain as [WHERE IT IS HOSTED IP]. It should be [MAIL IN A BOX IP].)

How can I configure mail in a box to suppress this?

In an alternate configuration I set the nameservers of the website domain to those of digital ocean and the MX record to that of MIAB.
In this configuration I have the errors above plus another error.

The nameservers set on this domain are incorrect.
They are currently ns1.digitalocean.com; ns2.digitalocean.com; ns3.digitalocean.com. Use your domain name registrar’s control panel to set the nameservers to [MIAB GLUE ONE]; ns1.digitalocean.com; ns2.digitalocean.com; ns3.digitalocean.com.

I’ve tried adding the A record entries in the advanced DNS but that doesn’t help either.
Please advise.

You can’t.

What I did is:

ns1.box.example.com points to 1.1.1.1 at my registrar
ns2.box.example.com also points to 1.1.1.1 at my registrar

This removed the error for me, but it is not best practice. For a simple domain with email for a few people this will be fine.

If you add a new domain, and it is hosted somewhere else, you simply use the Custom DNS feature in your admin panel to set the A record to the IP address of where the other domain is hosted. You could still have your email for that domain going to your box, though.

Say you have box.domain1.com setup and working fine for all your email. Then if you add domain2.com, you can set the Custom DNS for domain2.com by going to https://box.domain1.com/admin/ and then your box DNS will resolve domain2.com to the other IP address.

Is this what you’re trying to do?
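To make the consistency rules of this split setup concrete, here is an added example (not Mail-in-a-Box’s own code) that checks offline whether every configured nameserver serves the same A and MX records for a domain whose website lives on another host, that the MX target still resolves to the box, and that the NS set is the box’s glue name plus the secondaries. The box IP, web host IP, nameserver names and domain names are constructed placeholders.

```python
BOX_IP = "203.0.113.10"              # constructed: the Mail-in-a-Box server
WEB_IP = "198.51.100.20"             # constructed: the separate web host
PRIMARY_NS = "ns1.box.domain1.com"   # constructed: the box's glue nameserver
SECONDARIES = ("ns1.digitalocean.com", "ns2.digitalocean.com", "ns3.digitalocean.com")
DOMAIN = "domain2.com"               # constructed: domain hosted elsewhere, mail on box

def check_zone(domain, answers, box_ip, primary_ns, secondaries):
    """Return problems for `domain` (empty list = consistent). `answers` maps a
    nameserver name to the records it serves as {(name, type): value}."""
    problems = []
    primary = answers.get(primary_ns, {})
    # Every secondary must serve exactly what the box serves (zone transfer in sync).
    for ns in secondaries:
        for qtype in ("A", "MX"):
            want = primary.get((domain, qtype))
            got = answers.get(ns, {}).get((domain, qtype))
            if got != want:
                problems.append(f"{ns} serves {qtype} {domain} = {got}; box serves {want}")
    # Mail must still land on the box: the MX target has to resolve to the box IP.
    mx = primary.get((domain, "MX"))
    if mx is None:
        problems.append(f"no MX record for {domain}")
    elif primary.get((mx, "A")) != box_ip:
        problems.append(f"MX target {mx} does not resolve to the box ({box_ip})")
    # Delegation: the NS set must be the box's glue name plus the secondaries.
    expected_ns = {primary_ns, *secondaries}
    if primary.get((domain, "NS"), set()) != expected_ns:
        problems.append(f"NS set for {domain} should be {sorted(expected_ns)}")
    return problems

def box_zone(a_ip):
    """Constructed zone: website A record set to a_ip via Custom DNS, MX on the box."""
    return {(DOMAIN, "A"): a_ip, (DOMAIN, "MX"): "box.domain1.com",
            ("box.domain1.com", "A"): BOX_IP,
            (DOMAIN, "NS"): {PRIMARY_NS, *SECONDARIES}}

def stale_secondary_scenario():
    """Secondaries still hold the old A record (box IP) after Custom DNS changed it."""
    answers = {PRIMARY_NS: box_zone(WEB_IP)}
    answers.update({ns: box_zone(BOX_IP) for ns in SECONDARIES})
    return check_zone(DOMAIN, answers, BOX_IP, PRIMARY_NS, SECONDARIES)

def consistent_scenario():
    """All nameservers serve the same zone: web A record elsewhere, mail on the box."""
    answers = {ns: box_zone(WEB_IP) for ns in (PRIMARY_NS, *SECONDARIES)}
    return check_zone(DOMAIN, answers, BOX_IP, PRIMARY_NS, SECONDARIES)
```

The stale scenario reproduces the shape of the status-page error quoted above (a secondary answering with a different IP than the box expects); the consistent scenario returns no problems.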

Hi and thanks for the info, I’m not sure I understand it correctly though.
Are you saying that the glue records point to the web server hosting the domains and not the MIAB server?

Thanks v60fan,
I also tried to point the A record to the web host, but then I was unable to re-provision TLS certificates.
It seems that TLS can only be provisioned for websites hosted on the box, but as there’s very limited functionality (like no PHP support) this is not ideal.
I can provision certificates from my web server but I just want to know the best way forward.
Ensuring email delivery is my priority and MIAB does an excellent job of adding all sorts of DNS records to help with this.

It seems no matter which way I’ve tried I cannot find a workable solution which allows me to host websites on their own server and mail for those websites in the mail in a box server.
I made a graphic to show how I have things set up in the hope I’m doing something wrong and it can be corrected with some advice.

What about leaving the A record, but to get around not being able to re-provision TLS, install letsencrypt on your web server and db servers? Then a simple cron to renew them.

Digital Ocean has a great tutorial on letsencrypt.

Thanks v60fan,

My curiosity over the automatic TLS provisioning took me delving through the mail in a box code and ultimately led me to Certbot (previously known as the Let’s Encrypt client, which you suggested). I have this installed on all my web servers and I highly recommend it. For reference, here’s the newer tutorial.

While two from the graphic and the use of Let’s Encrypt solve the TLS issue, it also leaves me with a single point of failure for both DNS and email. This is obviously not ideal, so I’m still on the hunt for a way to use this mail server as a mail server and my web servers as web servers.

Maybe if Mail in a Box could output a different set of instructions to set up the DNS if the A record pointed to a remote server, this would solve a lot of my problems.

@andyg2 not a direct answer to your doubts but reading this one may help you: Do I need a new TLS certificate if my website is on another host?

Thanks just4t,
That has helped clarify things for me, much appreciated.
