Journal 2022-05-23

• Blog

Email Custom Domain Setup

If your provider supports it you can set a custom domain alias as your email address.

Documentation: Custom Domain

Although the following points are all recommended, only providing the TXT key and setting the MX records are the required ones. It’s recommended doing all of them to prevent receivers flagging the email sent by the alias as spam.

First, you need to registered the domain alias with your email provider. It will provide you with a key to register on to your DNS provider.

• TXT key: you need to register the key as a TXT record. It can take some time to the record to propagate. This is used for verification by your mail provider.
• MX records: You need to register your mail provider MX records.
  • MX: A mail exchanger record specifies the mail server responsible for accepting email messages on behalf of a domain name.

To prevent that your mail will be flagged as Spam, you will need to register some additional records

• SPF: was devised to remedy this situation and is formalised in the Internet standard RFC 4408. The Sender Policy Framework allows administrators to specify one or more mail servers for a domain and thus, define legitimate origins of e-mail for that domain.
  • It’s a TXT record containing something like: v=spf1 include:example.com ~all
    • v=spf1 The SPF version used. Here: 1
    • include:example.com: Allows all servers under the domain example.com to send e-mails for the domain.
    • ~all: Receiving mail servers are asked not to reject any incoming e-mails from this domain. However, they will treat those e-mails as potential spam and perform additional checks to confirm the sender.
• DKIM: DomainKeys Identified Mail is an email authentication method designed to detect forged sender addresses in email, a technique often used in phishing and email spam. DKIM allows the receiver to check that an email claimed to have come from a specific domain was indeed authorized by the owner of that domain.
  • You need to register a number (ex: 4) of CNAME records that point to subdomain of the providers, this will contain the key as a TXT record for verification.
  • Ex: MBO0001._domainkey.example.com target MBO0001._domainkey.foo.com
• DMARC: (optional) is an email authentication protocol. It is designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.
  • You will need to register a postmaster or hostmaster of the domain that will receive emails for alerts of unauthenticated, rejected or quarantined emails.

To be able to automatically configure the IMAP and SMTP servers on a client like Thunderbird, you need to configure a CNAME and SRV records for autodiscovery.

SRV: A Service record is a specification of data in the Domain Name System defining the location, i.e., the hostname and port number, of servers for specified services. It is defined in RFC 2782

Wikipedia

• CNAME: create a autodiscovery record having your mail box provider domain as target
• SRV: you need to create a SRV record as follows _autodiscover._tcp IN SRV 0 0 443 exemple.com.
  • _autodiscover: is the service type/name
  • _tcp: is the service protocol
  • 0 0: the priority and weight parameters
  • 443: the service port
  • example.com: the domain of the actual service

This will point the clients to an XML file on your mail provider server.

Things I leaned

• pods: process on a system that represent a namespace where we launch one or more containers

Tools

• Podman: Run containers without a daemon
  • podman is begging ported to BSD
  • nix can build container images that can be run by podman