I would like a DigitalOcean Droplet running MIB, and a website on another D.O. Droplet that uses the exact same base domain name

-Challenge-
I have scoured the internet for weeks trying to figure this out, email must come from the same domain name that my website has as the URL (sub-domain is fine).

-What I have so far-

  1. NameCheap (registrar) domain name, and ssl certs for both website,com and mail,website,com
  2. Working out of Digital Ocean, and my account has access to ports 25/587
  3. Either glue records set up on NC, pointing to like mail,website,com (MIB server on a D.O. droplet) which gets MIB working but it’s impossible to do anything else with it (dynamic site, modifications to NGINX, etc.) OR I can get the dynamic site to work beautifully on its own by pointing the registrar (NC) to D.O.'s nameservers (ns1/ns2/ns3 … or w/e it’s called), then using the D.O. DNS interface for all the website’s DNS (but then I can’t use MIB). Seems to be I can get one or the other working basically.

-So-
Apparently you can use the Glue Records at the parent registrar and send everything to the MIB on a D.O. Droplet from the get-go, then from within MIB you can set up all the DNS from there. For instance, naming the droplet to a FQDN like mail,website,com works for MIB setup, then when I go to the ‘Custom DNS’ settings from the admin panel, it has two fields and the one on the right has a forced item populating the field that cannot be altered like: ‘mail,website,com’ and it does not allow you to change it to say, just ‘website,com’, so I tried renaming my droplet to just the base domain fqdn like ‘website,com’ and it works for MIB setup, but then the problem is the forced NGINX integration makes it so there is now a static site served at website,com so you’re screwed going that route (apparently you may be able to make changes to the NGINX config that aren’t overwritten by MIB but at that point I’d rather separate them out on separate droplets).

-Separate them out??-

Would it be possible to say have a simple glue record at source (NC), setup a basic MIB with like ‘mail,website,com’, then from MIB settings using MIB DNS settings you can send normal “website-style traffic” like URL/API requests to a different droplet / IP for the base domain ?? Like I want to be able to do email, and have a website, both using the same base domain name.

-Desired Outcome-
In the end, the ultimate goal would be to have one or two digital ocean droplets, where I can send/receive mail from the same domain name, whilst also having a dynamic website set up at the same base domain name (i.e. mail to/from as ‘mail,website,com’ and a working website with url of ‘website,com’). If the various settings require me to have a subdomain, mail,website,com is fine and preferred, but raw domain is also fine for mail addresses if that is easier.

Thanks to anyone willing to offer their time to help, this would be significantly helpful to me if it’s something that’s possible.

This is easy and very typical. The internet is designed so that services can be run independently of each other. Or not.

If you wish to use MiaB, you absolutely will need two “droplets” from DO. One for MiaB, and one for your website.

While MiaB is designed to be able to host a simple website, you do not need to do that at all. You can host your website anywhere … separation of services, as the internet is designed to do.

Both are incorrect assumptions. Glue records point to an IP address acting as an authoritative name server for a domain.

You are missing how DNS works. Specifically the role played by MX records. You also do not seem to understand server hostnames.

Set up MiaB following the instructions EXACTLY. Do NOT deviate.

Set up your hosting environment on DO however you do that.

When everything is completely set up, adjust the Custom DNS page so that the A and AAAA records for the domain’s root @ and the www subdirectory point to the IP addresses of the web host VPS.

Profit.

Ok I think I’m following you, sorry for the confusing word salad. I created a new environment (droplet) with its own IP, and actually named it to mail.{domain} just to try that and it seems to work. Set up glue records pointing to the new IP. I have also managed to successfully install the ssl cert to mail.{domain}, confirmed by Namecheap support agent, and now the only error I have is for that thing like: “MTA-STS policy is missing: STSFetchResult.NONE”.

I believe I am on the right track, but now I am stuck at the custom dns step. I think I am confused, but it seems like you do not have a way to change the field to the right under “name”, like it’s got the full thing there like “mail.{domain}”, but I want to only put the value of: “{domain}”. I can achieve this by ‘hacking’ that value in using Chrome dev tools, but surely that is not correct, so I am wondering if there is something I am doing wrong. I believe like you said I should just need to add a/aaaa recs or cname rec for www, but on that part I am confused on setting up the DNS records for the base domain, which I would like to point to and have set up on separate environment with its own IP and I will handle stuff on the other machine with NGINX (for the website at {domain}). Maybe I need to add them in a certain order, then after I add the first one it becomes an option in that field, sort of playing around with it but I think I am fairly close here. I greatly appreciate the help.

After clearing browser cache, static site also works.

This should self correct within 24-48 hours.

Can you post an image of what you are referring to? Skip down to my next reply. I think I know the answer without needing an image.

Please god no don’t do this. I am going to politely suggest it is the latter, but until I see what you’re looking at, I can’t really advise.

I think seeing what you are looking at will solve all.

When you created your MiaB installation it seems that you used the subdomain mail rather than box as suggested in the guides. This is ok.

I am fairly confident now as to what is happening.

Do this: Go to users tab in the admin area.

Is your domain listed at all? I assume that mail.yourdomain.tld IS indeed listed there with an email account shown as admin

Since your domain is not listed there, create a user email account at the top of the page. The user needs to be *something*@yourdomain.tld. Maybe test@yourdomain.tld for this. Of course, use your real domain name.

Now navigate to the Custom DNS page and voilà!

The drop down should now show both the mail subdomain as well as the root domain.

What was missing is that you had not actually created an email user on the domain that you will be hosting email for. Without any email accounts created, MiaB will not know that it is to host the domain.

Yes, you need to create an email user as indicated in my last comment which will get you on the right track.

Now you should be able to add the A/AAAA records for the other server which will host your website, as well as the CNAME record for www.
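The record layout this thread arrives at, as an added example that is not part of the original posts and is not Mail-in-a-Box code: the mail box stays authoritative for the zone and handles mail, while the root and www point at the separate web host. The domain `example.com`, the name server name `ns1.mail.example.com`, both IP addresses and the function names are constructed placeholders.

```python
# Constructed sample records; names and documentation-range IPs are placeholders.
MAIL_IP = "203.0.113.10"   # assumed address of the mail (MiaB) droplet
WEB_IP = "198.51.100.20"   # assumed address of the website droplet

ZONE = [
    # Glue at the registrar points this name server at the mail box.
    ("example.com.", "NS", "ns1.mail.example.com."),
    ("ns1.mail.example.com.", "A", MAIL_IP),
    # Mail side: the server hostname and the MX record that names it.
    ("mail.example.com.", "A", MAIL_IP),
    ("example.com.", "MX", "10 mail.example.com."),
    # Web side: the Custom DNS entries for the root and www.
    ("example.com.", "A", WEB_IP),
    ("www.example.com.", "CNAME", "example.com."),
]


def lookup(zone, name, rtype):
    """Return every value stored for (name, rtype), in zone order."""
    return [v for n, t, v in zone if n == name and t == rtype]


def check_split(zone, domain, mail_host, mail_ip, web_ip):
    """List the ways the zone deviates from the mail/web split."""
    problems = []
    if lookup(zone, domain, "A") != [web_ip]:
        problems.append(f"{domain} A should be the web host {web_ip}")
    www = "www." + domain
    if (lookup(zone, www, "CNAME") != [domain]
            and lookup(zone, www, "A") != [web_ip]):
        problems.append(f"{www} should be a CNAME to {domain} or an A to {web_ip}")
    if lookup(zone, mail_host, "A") != [mail_ip]:
        problems.append(f"{mail_host} A should be the mail box {mail_ip}")
    # An MX value is "<preference> <target>"; mail follows the target.
    mx_targets = [v.split()[1] for v in lookup(zone, domain, "MX")]
    if mx_targets != [mail_host]:
        problems.append(f"{domain} MX should name only {mail_host}")
    name_servers = lookup(zone, domain, "NS")
    if not name_servers:
        problems.append(f"{domain} has no NS record")
    for ns in name_servers:
        if lookup(zone, ns, "A") != [mail_ip]:
            problems.append(f"name server {ns} should resolve to {mail_ip}")
    return problems


if __name__ == "__main__":
    print(check_split(ZONE, "example.com.", "mail.example.com.", MAIL_IP, WEB_IP))
```
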

Thanks again for all your help, this was perfect. After a very long time spent back-and-forth with NameCheap’s support agents and dealing with DNS, SSL, other issues with their system, everything is finally working as expected.

Email system works, and has ssl working. Gmail junks my sent mail, but this is fine (hopefully can improve the reputation over time). I believe I might be screwed because I use Digital Ocean, but I will continue my research into this.

The Custom DNS settings worked like you said, after making an email @ {just the domain}, there was then an option to make A/CNAME records for the base domain.

I now also have a secured website working at the base domain on a separate machine, as pointed to by the MIB DNS server.

Everything seems to work quite well, I look forward to using my sweet new mail setup.

Kind Regards.

Let’s look at a few things.

First, let’s see if your IP is included on any blacklists here:

If it is, go through and follow each blacklist’s procedure for de-listing. In some cases you may not be able to de-list the IP as only the IP owner can do so.

Second:

Sign up for Google’s Postmaster Tools

https://postmaster.google.com

And last of all, you can skip all of that and use a SMTP Relay service such as the one I have created and maintain: