External website without external DNS

So, I had successfully deployed box.example.com to a new VM Box #2, except example.com, which is being hosted on another VM Box #1, stopped working.

As I was searching how to restore my setup, I mistakenly found a post here (and probably also mistakenly interpreted it) which led me to think that the only solution was to use external DNS. So off I went to manually copy every DNS record to my Google Domains, and the status check still shows some errors.

However, now I’m just realizing, I could have just added an A record for both example.com and www.example.com, and it would have saved me the trouble.

So as a PSA, if you want to restore your original website hosted elsewhere, you aren’t required to use external DNS, and if you want something simple that just works, you can stay with MiaB’s DNS.

However, if you manage to set up external DNS, it should be more reliable as you’re using servers from a company with more resources maintaining them, instead of a DNS server on one tiny VM with limited resources.

P.S. If it’s just a static website, you can change example.com (which also changes www.example.com) on the admin page and copy the files, without needing an additional VM.

My recommendation for a domain that has a site with real traffic: do not use that domain as the sending server domain. If the site with high traffic is example.com, then use example.net for the MiaB server domain. Use whatever high-reliability DNS server suits your needs for example.com and just put box.example.net in the mx record for example.com.

Ultimately, if the mail server is also its own DNS server, the unavailability of the DNS server will only coincide with unavailability of the mail server, so it doesn’t matter.

Having the mail server down is as bad or even worse than having the DNS down. If there’s no mail server running, all emails would be gone. However, if the DNS is failing, users could come back later to see if it works then. And users in contact with whoever has control of the server, could let them know that the server is down so both DNS and mail can be restored.

I have a question, since I’m not sure how DNS works. I know the DNS records are propagated to other DNS servers like Google, Cloudflare, and the ISP’s own DNS. So, shouldn’t it be the case that if the DNS server is unavailable, it wouldn’t matter since users’ DNS would still respond with the right IP address?

Most mail servers will continue to attempt to deliver for usually something like 48 hours.

As I understand it, records are not truly “propagated”, as they are provided on an as-requested basis. The TTL is what determines how long it will take for the new records to be put into use. For a server with no requests during the TTL, it will be instant “propagation”.

Actually, it does matter. In a normal scenario if a mail server is down, other mail servers will defer and attempt delivery later of any emails that would bounce due to no mail server to deliver them to. However, if DNS is down, other mail servers will not even attempt to queue emails for later delivery as for all intents and purposes, the domain does not exist. This is one of the reasons I am so vocal about having secondary DNS set up.


In theory, yes … but in practice no, not really. Please let me explain.

When a distant DNS server looks up information, it receives a TTL (time to live) along with the information needed to make the connection. That TTL value varies from 30 seconds to 24 hours USUALLY. (There are always exceptions.)

That distant server will store the information for the length of time of the TTL, so yes … in theory other servers will have the information … but for how long is the real question before it needs to look it up again to get fresh data. If a distant server has the information, it will not do another lookup while the TTL is still active - this is what causes propagation delays.

Just FYI - the default TTL for records served authoritatively by MiaB is 3600 seconds (one hour).

So basically if the server goes down you have an hour to restore it?

Oh, ok, now I understand better why.

I guess having guides tailored at different DNS providers would help in this.


I just did the following:

Sent an email to an unregistered domain. The result was status=bounced.

Sent an email to a domain with a bad ns record (server unavailable). The result was status=deferred.

Sent an email to a domain with no mx record. The result was status=deferred.

As expected.

Does said domain have an A record?

And did you send to a valid domain with NO name servers operational?

Because trust me, I used to say it was no big deal if your MiaB was down as senders would retry later. Well, I was proven quite wrong at least twice by MiaB users whose boxes were down completely.

If the name server is down, there cannot be any records.

Correct and verified running dig ns example.com from MiaB.

The registrar is hosting the domain name and IP address of the DNS server. If that somehow goes down, I imagine a sending server would treat it the same as an unregistered domain name.

It is also possible that other servers do not exhibit the same behavior as MiaB when sending, though it is the same behavior at least of Google and Yahoo!.

For safety’s sake, set up a secondary DNS. We so worry about backups, we should just set up the secondary DNS once and for all, and then you can use MIAB internal DNS all we want.
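
Added example (not part of the thread, and not Mail-in-a-Box code): a small Python model of the TTL caching discussed above, showing how long a recursive resolver keeps answering once the only authoritative server goes down. The class, the function names and the 192.0.2.10 address are constructed for illustration; it assumes the resolver honors the TTL strictly and that no secondary DNS exists.

```python
from dataclasses import dataclass

MIAB_DEFAULT_TTL = 3600  # seconds, the default TTL quoted in the thread


@dataclass
class CachedAnswer:
    value: str
    expires_at: int  # absolute time in seconds


class CachingResolver:
    """Minimal model of a recursive resolver (hypothetical, for illustration)."""

    def __init__(self, authoritative):
        # authoritative: callable(name, now) -> (value, ttl), or None when unreachable
        self.authoritative = authoritative
        self.cache = {}

    def resolve(self, name, now):
        hit = self.cache.get(name)
        if hit and now < hit.expires_at:
            return hit.value             # answered from cache, no upstream query
        answer = self.authoritative(name, now)
        if answer is None:
            self.cache.pop(name, None)
            return None                  # lookup fails: cache expired and server is down
        value, ttl = answer
        self.cache[name] = CachedAnswer(value, now + ttl)
        return value


def make_authoritative(outage_start, records):
    """Single authoritative server that becomes unreachable at outage_start."""
    def query(name, now):
        if now >= outage_start:
            return None
        return (records[name], MIAB_DEFAULT_TTL)
    return query


def seconds_survived(last_lookup, outage_start):
    """Seconds after the outage begins during which the resolver still answers."""
    records = {"example.com": "192.0.2.10"}  # constructed sample record
    resolver = CachingResolver(make_authoritative(outage_start, records))
    resolver.resolve("example.com", last_lookup)  # populate the cache before the outage
    t = outage_start
    while resolver.resolve("example.com", t) is not None:
        t += 1
    return t - outage_start
```

The grace period is per resolver and depends on when that resolver last fetched the record: anywhere from zero up to the full TTL, not a fixed hour.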