Using Sucuri Firewall the mx record must be changed.
I'm using Sucuri WAF for an account. When setting it up--which is much like setting up Cloudflare--the email stops working. The support staff said the mx record had to be changed.
Their support staff required a cname record be created to point to the mail. Does that work for cpanel accounts in general. Will it help conceal my server's ip from attackers? Any advice to help resolve this question would be fantastic.
-
Hey there! In general, when cPanel creates a DNS zone, the MX record configuration looks like this: domain.com. 14400 IN MX 0 domain.com. mail 14400 IN CNAME domain.com.
If you wanted to point the MX record to a different location, you can adjust the records to look like this, so the MX points specifically at mail.domain.com:domain.com. 14400 IN MX 0 mail.domain.com. mail 14400 IN A 1.2.3.4
As to "will it help conceal the server's IP" I don't think so - anyone sending mail still needs to connect to the mailserver, and querying the MX record will still return the IP address of the server/mailserver.0 -
Thanks. That helps. When setting up their WAF, it was similar to using cloudflare. However, my mail immediately stopped working, they said I need to change it like you pointed out above. After changing from the cpanel default mail settings to the second set of code you put above it worked. 0 -
I have two mail records: domain.com. 14400 MX Priority: 0 Destination: domain.com Edit Delete mail.domain.com. 14400 CNAME domain.com 0 -
What do I change the records to? 0 -
I'm a bit confused - you mentioned that after changing it to the first recommendation that things are working. If that's the case, you should leave things as they are. Is something still not behaving how you expect? 0 -
Sorry about that. I was confused, too. I just wanted to know which was better and for what reason (the default by cpanel or the second mail setting). what would the use-case(s) be. 0 -
Neither is better, it's just a different way to handle mail. The default setting here: domain.com. 14400 IN MX 0 domain.com. mail 14400 IN CNAME domain.com.
is what gets used for most domains, when you want the mail to be delivered locally. These records just configure the DNS so that domain.com and mail.domain.com point to the same place. The second example:domain.com. 14400 IN MX 0 mail.domain.com. mail 14400 IN A 1.2.3.4
is what you'd use when you have the website on one server but want the mail to go to a different location, allowing you to specify the IP address of mail.domain.com. So neither is "better" or "correct" - just different implementations to accomplish different configurations.0
Please sign in to leave a comment.
Comments
7 comments