[wplug] Settings for 2 servers and email
Larry Daberko
larry at daberko.com
Sat Jul 7 22:43:28 EDT 2007
Kevin Squire wrote:
> I want to make sure I have this right in my head before I finish setting
> the DNS/MX records and I tell the bosses that all is ready.... so I was
> hoping to pass this through some of your brains :-)
>
>
I had to wrap my head around this too...
> We are finally hosting our own servers, 1 for request-tracker (a bug
> tracking system), and 1 for student email. Internally, the computer
> names are Merlin (for RT) and Phoenix (for email).
>
> Right now, we already have the DNS set for http://rt.mypavcs.org/ to
> point to IP address 65.105.38.217 . Merlin is up and running, and
> behaving nicely.
>
>
Behaving nicely is good. We don't need to worry about this then.
> Also right now, http://mypavcs.org/ or http://www.mypavcs.org/ points to
> IP address 82.165.206.194 (a 1&1 hosted service) that redirect to a
> particular page on our main website for some promotion we are running.
> After the promotion is done, These will point to 65.105.38.216 -
> Phoenix. http://www.mypavcs.org/ will really just be a 1 page "portal"
> page to send fokes the right direction.
>
>
If I read this correctly, you want to be using Phoenix as a main website
in addition to email?
> I have also set http://mail.mypavcs.org to point to 65.105.38.216
> (although at the time of writing this, I am still waiting for the Cisco
> guy to get to our firewall for this). This is to set up a WebMail
> interface for the students (SquirrelMail).
>
>
There may be security issues with running SquirrelMail on the same
server as your mail server. But it's doable.
> All this is good, and I (am pretty sure I) have a handle on this stuff.
>
> Here is what I want:
> http://mypavcs.org AND
> http://www.mypavcs.org --> phoenix's portal page
> http://rt.mypavcs.org --> merlin's RT interface (working fine)
> http://mail.mypavcs.org --> phoenix's SquirrelMail interface
>
> USER at mypavcs.org --> phoenix
> USER at mail.mypavcs.org --> should die/be dropped (I think)
> USER at rt.mypavcs.org --> should die/be dropped (I think)
>
>
Serving mail.mypavcs.org and www.mypavcs.org will require virtual
hosting setup on apache on Phoenix. I assume you know that.
> SO if I understand everything correctly, here is what I have/want...
> Domain name mypavcs.org
> IP address
> (A record) 65.105.38.216
> Name server 1 ns58.1and1.com
> Name server 2 ns57.1and1.com
> Mail server 1 mail.mypavcs.org, 1
>
> Domain name mail.mypavcs.org
> IP address
> (A record) 65.105.38.216
> Name server 1 ns58.1and1.com
> Name server 2 ns57.1and1.com
> Mail server 1 ???
> Mail server 2 ???
>
> Domain name rt.mypavcs.org
> IP address
> (A record) 65.105.38.217
> Name server 1 ns58.1and1.com
> Name server 2 ns57.1and1.com
> Mail server 1 ???
> Mail server 2 ???
>
>
> Should I do anything with the mail and rt .mypavcs.org MX record? Do I
> have the whole CNAME/A Record stuff set right?
>
>
There's only one mail server entry for the entire mypavcs.org domain,
not for every server entry.
Instead of explaining point by point, I'll just summarize what I think
the DNS should be.
mypavcs.org. IN NS ns58.landl.com.
mypavcs.org. IN NS ns57.landl.com.
mypavcs.org. IN MX 10 phoenix.mypavcs.org.
phoenix.mypavcs.org. IN A 65.105.38.216
merlin.mypavcs.org. IN A 65.15.38.217
mail.mypavcs.org. IN CNAME phoenix.mypavcs.org.
rt.mypavcs.org. IN CNAME merlin.mypavcs.org.
OR you can use IP addresses for mail and rt if you want to hide the
actual server names. I like CNAMEs personally so there's only one thing
to change if something gets moved.
> Thanks for your time and assistance.
> -Kevin
>
>
The security issues and complexity raised by running SquirrelMail,
Apache virtual hosting, and mail on one server makes me cringe. From
experience, I would highly recommend perhaps separating them onto
different servers. They don't have to be beefy for SquirrelMail and a
one page portal. Most likely you'll have junk PCs around that can
handle them.
LBD
More information about the wplug
mailing list