Letsencrypt expired, and dns errors

Maintenance
97

after enabling NAT Reflectin in openSense…
@box:~$ sudo /home/devnull/mailinabox/management/status_checks.py

System

:heavy_multiplication_x: SSH Login (ssh) is running but is not publicly accessible at 76.10.176.225:22.
:heavy_multiplication_x: Public DNS (nsd4) is not running (port 53).
:heavy_multiplication_x: Incoming Mail (SMTP/postfix) is running but is not publicly accessible at 76.10.176.225:25.
:heavy_multiplication_x: Outgoing Mail (SMTP 587/postfix) is running but is not publicly accessible at 76.10.176.225:587.
:heavy_multiplication_x: IMAPS (dovecot) is running but is not publicly accessible at 76.10.176.225:993.
:heavy_multiplication_x: Mail Filters (Sieve/dovecot) is running but is not publicly accessible at 76.10.176.225:4190.
:heavy_multiplication_x: HTTP Web (nginx) is running but is not publicly accessible at 76.10.176.225:80.
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
:heavy_multiplication_x: HTTPS Web (nginx) is running but is not publicly accessible at 76.10.176.225:443.
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
✓ SSH disallows password-based login.
✓ System software is up to date.
? Mail-in-a-Box version check disabled by privacy setting.
✓ System administrator address exists as a mail alias. [administrator@box.f2f10.com ↦ co-traveler@f2f10.com]
✓ The disk has 164.30 GB space remaining.
✓ System memory is 97% free.

Network

✓ Firewall is active.
✓ Outbound mail (SMTP port 25) is not blocked.
✓ IP address is not blacklisted by zen.spamhaus.org.

box.f2f10.com

:heavy_multiplication_x: Nameserver glue records are incorrect. The ns1.box.f2f10.com and ns2.box.f2f10.com nameservers must be configured
at your domain name registrar as having the IP address 76.10.176.225. They currently report addresses of [Not **
** Set]/[Not Set]. It may take several hours for public DNS to update after a change.
:heavy_multiplication_x: This domain must resolve to your box’s IP address (76.10.176.225) in public DNS but it currently resolves to [Not
Set]. It may take several hours for public DNS to update after a change. This problem may result from other issues
listed above.
✓ Reverse DNS is set correctly at ISP. [76.10.176.225 ↦ box.f2f10.com]
✓ Hostmaster contact address exists as a mail alias. [hostmaster@box.f2f10.com ↦ administrator@box.f2f10.com]
✓ Domain’s email is directed to this domain. [box.f2f10.com has no MX record, which is ok]
✓ Postmaster contact address exists as a mail alias. [postmaster@box.f2f10.com ↦ administrator@box.f2f10.com]
✓ Domain is not blacklisted by dbl.spamhaus.org.
✓ TLS (SSL) certificate is signed & valid. The certificate expires in 89 days on 03/23/18.

f2f10.com

:heavy_multiplication_x: The nameservers set on this domain are incorrect. They are currently [Not Set]. Use your domain name registrar’s
control panel to set the nameservers to ns1.box.f2f10.com; ns2.box.f2f10.com.
:heavy_multiplication_x: This domain’s DNS MX record is not set. It should be ‘10 box.f2f10.com’. Mail will not be delivered to this box.
It may take several hours for public DNS to update after a change. This problem may result from other issues
listed here.
✓ Domain is not blacklisted by dbl.spamhaus.org.
:heavy_multiplication_x: This domain should resolve to your box’s IP address (A 76.10.176.225) if you would like the box to serve webmail
or a website on this domain. The domain currently resolves to [Not Set] in public DNS. It may take several hours
for public DNS to update after a change. This problem may result from other issues listed here.
? This domain’s DNSSEC DS record is not set. The DS record is optional. The DS record activates DNSSEC. To set a DS
record, you must follow the instructions provided by your domain name registrar and provide to them this
information:

Key Tag: 60585
Key Flags: KSK
Algorithm: 7 / RSASHA1-NSEC3-SHA1
Digest Type: 2 / SHA-256
Digest: 2052282b2999d0937749f7d2241d7acf6bbc4504ae9045a9020d7abffc2b5ab3
Public Key:

AwEAAdMypof8r0AsRFZBRWDmW6/DFdDAr5uyYYslbb3x2c5PWST8nrZQU3+Pr8q/KafBTrlrLFOiE2LLHkXqmdwYmM/ChEjblutn4n9lUVua2ni90RRif+/qdzJpk5d1zJXsNuTvYv7O41Ikk9kVhvRgKW+2surM8Q6IEiKdvtAdBKinZVDwRJvpXvebRBnZ5GYV58e+Khf6YCTUC1PGXck5ULsTHy0MBUtAvyZ/qFRo2B7d17lfoNw9cK10at8AGSvr2WZNEUkWiaaf2yF+zNoHgmB41P8pUfGxPGCS/4G/zDWvUMX8RrBwJj63XGUVHR/AAnrhedh7q/1h2ayD1blM5+k=

Bulk/Record Format:
f2f10.com. 3600 IN DS 60585 7 2 2052282b2999d0937749f7d2241d7acf6bbc4504ae9045a9020d7abffc2b5ab3