Difference between revisions of "CNMCyber.com DNS"
(→SOA and NS) |
|||
(23 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | [[Opplet DNS]] | + | [[CNMCyber.com DNS]] is the subset of [[Opplet DNS]] that is created and administered to handle [[DNS record]]s for [[CNMCyber.com]]. |
− | + | ==Non-mail DNS records== | |
− | + | ===SOA and NS=== | |
− | + | {|class="wikitable" width=100% | |
− | + | !Type!!Resource record!!Data | |
− | + | |- | |
− | + | |soa||@||Primary nameserver: ns63.domaincontrol.com. | |
− | + | |- | |
− | + | |ns||@||ns63.domaincontrol.com. | |
− | + | |- | |
− | + | |ns||@||ns64.domaincontrol.com. | |
− | + | |} | |
− | + | ||
− | + | ===A and AAAA=== | |
− | + | {|class="wikitable" width=100% | |
− | + | !Type!!Resource record!!Data | |
− | + | |- | |
− | + | |a||@||88.99.214.92 | |
− | + | |- | |
− | + | |a||cert||88.99.214.92 | |
− | + | |- | |
− | + | |a||corp||188.34.147.106 | |
− | + | |- | |
− | + | |a||dash-status||188.34.147.107 | |
− | + | |- | |
− | + | |a||focalboard||188.34.147.107 | |
− | + | |- | |
− | + | |a||influxdb||188.34.147.107 | |
− | + | |- | |
− | + | |a||lab||88.99.214.92 | |
− | + | |- | |
− | + | |a||mail||188.34.147.106 | |
− | + | |- | |
− | + | |a||monitor||188.34.147.107 | |
− | + | |- | |
− | + | |a||next||5.9.40.148 | |
− | + | |- | |
− | + | |a||npm||188.34.147.107 | |
− | + | |- | |
− | + | |a||page||88.99.214.92 | |
+ | |- | ||
+ | |a||pass||188.34.147.107 | ||
+ | |- | ||
+ | |a||portainer||188.34.147.107 | ||
+ | |- | ||
+ | |a||social||188.34.147.106 | ||
+ | |- | ||
+ | |a||status||188.34.147.107 | ||
+ | |- | ||
+ | |a||taiga||88.99.214.92 | ||
+ | |- | ||
+ | |a||talk||188.34.147.106 | ||
+ | |- | ||
+ | |a||tube||88.99.214.92 | ||
+ | |- | ||
+ | |a||wiki||88.99.214.92 | ||
+ | |} | ||
+ | |||
+ | ===CNAME=== | ||
+ | {|class="wikitable" width=100% | ||
+ | !Type!!Resource record!!Data | ||
+ | |- | ||
+ | |cname||www||cnmcyber.com. | ||
+ | |} | ||
+ | |||
+ | ==Mail DNS records== | ||
+ | ===MX=== | ||
+ | {|class="wikitable" width=100% | ||
+ | !Type!!Resource record!!Data | ||
+ | |- | ||
+ | |mx||@||mail.cnmcyber.com. (Priority: 10) | ||
+ | |- | ||
+ | |mx||next.cnmcyber.com||mail.next.cnmcyber.com. (Priority: 10) | ||
+ | |} | ||
+ | |||
+ | ===SPF=== | ||
+ | {|class="wikitable" width=100% | ||
+ | !Type!!Resource record!!Data | ||
+ | |- | ||
+ | |txt||@||v=spf1 a mx ip4:188.34.147.106 ~all | ||
+ | |} | ||
+ | |||
+ | ===DKIM=== | ||
+ | {|class="wikitable" width=100% | ||
+ | !Type!!Resource record!!Data | ||
+ | |- | ||
+ | |txt||mail._domainkey||v=DKIM1; h=sha256; k=rsa; t=s; s=mail; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu88YzniPNK8Dolkeb5ZJ3m2ugbZu8BYt0S8iPzns1RlqoCzkUNebfMOI4BxfzHyvFu7zP89Zsqy3amNiBIX1i/w4j6uULmgNm9MAWt99Bxy9sZOORhSC6jz5T16tehmLjbXd3L4LwPVP4OE9CmMgFL/rSp5ytKRp2mXGAH+0hEZk8TVh5AeLcMSCka4IIxIaFDeMJs5mjmMMKy9mt6sTfH8yH09yFEuPepKSr/IO/ENGUVnjr4KOTTWI1BGnQDN1JVxRx88eY1btlzfs2gX5tCYSlhlZOwfFshobr9xb2RgW4b8Q/8SuqJ6XAt9CeuoJJjHxVL1B/C0fPCaFPJzUEQIDAQAB | ||
+ | |} | ||
+ | |||
+ | Your DKIM record seems to be valid, but there are some optional tags that you can add or modify to improve your email authentication. Here are some suggestions: | ||
+ | # You can add the s tag to specify the service types that your DKIM record applies to. For example, if you only use your domain for email, you can add s=email to your record. | ||
+ | # You can change the t tag to remove the y flag, which indicates that your DKIM record is in testing mode. This flag may cause some email receivers to ignore your DKIM signature. You can either delete the t=y tag or change it to t=s to indicate that your DKIM record is in strict mode. | ||
+ | # You can add the n tag to provide a note or comment for your DKIM record. This can be useful for administrative purposes or for debugging issues. For example, you can add n=This is my DKIM record for mail._domainkey to your record. | ||
+ | |||
+ | A DKIM DNS record is valid if it contains the following elements: | ||
+ | * The version, which is usually v=DKIM1 | ||
+ | * The encryption algorithm, which is always RSA (k=rsa) | ||
+ | * The public key, which is a long string of characters (p=...) | ||
+ | * Optionally, some other tags that specify the service types, the testing mode, or the notes for the record (s=..., t=..., n=...) | ||
+ | These elements are stored as a TXT record in the domain’s DNS zone, and they are used to verify the digital signature of the emails sent from that domain. The digital signature ensures that the email has not been tampered with and that it comes from a legitimate sender. | ||
+ | |||
+ | ===DMARC=== | ||
+ | {|class="wikitable" width=100% | ||
+ | !Type!!Resource record!!Data | ||
+ | |- | ||
+ | |txt||_dmarc||v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:postmaster@cnmcyber.com | ||
+ | |} | ||
+ | |||
+ | ===Other records=== | ||
+ | {|class="wikitable" width=100% | ||
+ | !Type!!Resource record!!Data | ||
+ | |- | ||
+ | |txt||@||google-site-verification=NoAShLTQRVThCMTCbQtDGrBYB8JEacObhSg4DmbYwmA | ||
+ | |- | ||
+ | |txt||_acme-challenge.corp||QlxBC4Pv_oiA5XNoR3HtJZM8tO9ifiqTx2UucKW2xxU | ||
+ | |- | ||
+ | |txt||_acme-challenge.social||pr3Pw-RToXjuAs5Uebu5uDu208ZQYyAvmO3ztbAUQDY | ||
+ | |- | ||
+ | |txt||_acme-challenge.talk||N6-YE8SjvofQgWzVOgu1MAaJAFfoBQE1K3Ncb49fb2M | ||
+ | |} | ||
+ | |||
+ | ==Web hosting== | ||
+ | ===Location=== | ||
+ | ===BIND=== | ||
+ | ===SSL certificates=== | ||
+ | ==Web servers== | ||
+ | ===Choice=== | ||
+ | ===Files=== | ||
+ | ==Administration== | ||
+ | ===API=== | ||
+ | ===Choice of model=== |
Latest revision as of 14:19, 6 March 2024
CNMCyber.com DNS is the subset of Opplet DNS that is created and administered to handle DNS records for CNMCyber.com.
Contents
Non-mail DNS records
SOA and NS
Type | Resource record | Data |
---|---|---|
soa | @ | Primary nameserver: ns63.domaincontrol.com. |
ns | @ | ns63.domaincontrol.com. |
ns | @ | ns64.domaincontrol.com. |
A and AAAA
Type | Resource record | Data |
---|---|---|
a | @ | 88.99.214.92 |
a | cert | 88.99.214.92 |
a | corp | 188.34.147.106 |
a | dash-status | 188.34.147.107 |
a | focalboard | 188.34.147.107 |
a | influxdb | 188.34.147.107 |
a | lab | 88.99.214.92 |
a | 188.34.147.106 | |
a | monitor | 188.34.147.107 |
a | next | 5.9.40.148 |
a | npm | 188.34.147.107 |
a | page | 88.99.214.92 |
a | pass | 188.34.147.107 |
a | portainer | 188.34.147.107 |
a | social | 188.34.147.106 |
a | status | 188.34.147.107 |
a | taiga | 88.99.214.92 |
a | talk | 188.34.147.106 |
a | tube | 88.99.214.92 |
a | wiki | 88.99.214.92 |
CNAME
Type | Resource record | Data |
---|---|---|
cname | www | cnmcyber.com. |
Mail DNS records
MX
Type | Resource record | Data |
---|---|---|
mx | @ | mail.cnmcyber.com. (Priority: 10) |
mx | next.cnmcyber.com | mail.next.cnmcyber.com. (Priority: 10) |
SPF
Type | Resource record | Data |
---|---|---|
txt | @ | v=spf1 a mx ip4:188.34.147.106 ~all |
DKIM
Type | Resource record | Data |
---|---|---|
txt | mail._domainkey | v=DKIM1; h=sha256; k=rsa; t=s; s=mail; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu88YzniPNK8Dolkeb5ZJ3m2ugbZu8BYt0S8iPzns1RlqoCzkUNebfMOI4BxfzHyvFu7zP89Zsqy3amNiBIX1i/w4j6uULmgNm9MAWt99Bxy9sZOORhSC6jz5T16tehmLjbXd3L4LwPVP4OE9CmMgFL/rSp5ytKRp2mXGAH+0hEZk8TVh5AeLcMSCka4IIxIaFDeMJs5mjmMMKy9mt6sTfH8yH09yFEuPepKSr/IO/ENGUVnjr4KOTTWI1BGnQDN1JVxRx88eY1btlzfs2gX5tCYSlhlZOwfFshobr9xb2RgW4b8Q/8SuqJ6XAt9CeuoJJjHxVL1B/C0fPCaFPJzUEQIDAQAB |
Your DKIM record seems to be valid, but there are some optional tags that you can add or modify to improve your email authentication. Here are some suggestions:
- You can add the s tag to specify the service types that your DKIM record applies to. For example, if you only use your domain for email, you can add s=email to your record.
- You can change the t tag to remove the y flag, which indicates that your DKIM record is in testing mode. This flag may cause some email receivers to ignore your DKIM signature. You can either delete the t=y tag or change it to t=s to indicate that your DKIM record is in strict mode.
- You can add the n tag to provide a note or comment for your DKIM record. This can be useful for administrative purposes or for debugging issues. For example, you can add n=This is my DKIM record for mail._domainkey to your record.
A DKIM DNS record is valid if it contains the following elements:
- The version, which is usually v=DKIM1
- The encryption algorithm, which is always RSA (k=rsa)
- The public key, which is a long string of characters (p=...)
- Optionally, some other tags that specify the service types, the testing mode, or the notes for the record (s=..., t=..., n=...)
These elements are stored as a TXT record in the domain’s DNS zone, and they are used to verify the digital signature of the emails sent from that domain. The digital signature ensures that the email has not been tampered with and that it comes from a legitimate sender.
DMARC
Type | Resource record | Data |
---|---|---|
txt | _dmarc | v=DMARC1; p=quarantine; sp=quarantine; rua=mailto:postmaster@cnmcyber.com |
Other records
Type | Resource record | Data |
---|---|---|
txt | @ | google-site-verification=NoAShLTQRVThCMTCbQtDGrBYB8JEacObhSg4DmbYwmA |
txt | _acme-challenge.corp | QlxBC4Pv_oiA5XNoR3HtJZM8tO9ifiqTx2UucKW2xxU |
txt | _acme-challenge.social | pr3Pw-RToXjuAs5Uebu5uDu208ZQYyAvmO3ztbAUQDY |
txt | _acme-challenge.talk | N6-YE8SjvofQgWzVOgu1MAaJAFfoBQE1K3Ncb49fb2M |