DNS Configuration Guide

How to point domains/subdomains and authorize them in the database

This document explains how to correctly configure DNS for domains or subdomains that will use the Mail Forwarding Service, so they can be safely:

  • accepted by Postfix

  • authorized in the database (domain table)

  • used by the API and UI

DNS must be configured before inserting the domain into the database. If DNS is wrong, mail delivery, forwarding, SPF, or DMARC will fail.

Step 1 — PTR / Reverse DNS (mandatory, done at provider)

PTR (reverse DNS) must be configured first, directly at your VPS or hosting provider.

Generic model

IPv4  ->  mail.your-domain.tld
IPv6  ->  mail.your-domain.tld

mail.your-domain.tld  ->  IPv4
mail.your-domain.tld  ->  IPv6

Real example (current setup)

PTR: 161.97.146.91              -> mail.abin.lat
PTR: 2a02:c207:2298:1997::1     -> mail.abin.lat

mail.abin.lat -> 161.97.146.91
mail.abin.lat -> 2a02:c207:2298:1997::1

Important notes:

  • PTR is not configured in Cloudflare or normal DNS panels

  • PTR must match the hostname used by Postfix (myhostname)

  • Missing or mismatched PTR is the #1 reason for outbound mail rejection

Step 2 — DNS records for a domain

Target domain example: example.com Mail host: mail.abin.lat

Required records

TYPE

NAME

CONTENT

PRIORITY

MX

@

mail.abin.lat

10

SPF (recommended)

example.com TXT "v=spf1 ip4:<YOUR_IPV4> ip6:<YOUR_IPV6> -all"

Example using current IPs:

example.com TXT "v=spf1 ip4:161.97.146.91 ip6:2a02:c207:2298:1997::1 -all"

DMARC (recommended)

_dmarc.example.com TXT "v=DMARC1; p=none; rua=mailto:dmarc@example.com; fo=1"

Step 3 — DNS records for a subdomain

Target subdomain: sub.example.com Mail host: mail.abin.lat

Required records

TYPE

NAME

CONTENT

PRIORITY

MX

sub

mail.abin.lat

10

SPF

sub.example.com TXT "v=spf1 ip4:<YOUR_IPV4> ip6:<YOUR_IPV6> -all"

DMARC

_dmarc.sub.example.com TXT "v=DMARC1; p=none"

Step 4 — Authorize the domain in the database

After DNS is fully propagated, insert the domain (or subdomain) into the domain table.

Example:

INSERT INTO domain (name, active) VALUES ('example.com', 1);

For subdomains:

INSERT INTO domain (name, active) VALUES ('sub.example.com', 1);

Once inserted:

  • Postfix will accept mail for the domain

  • The API can create aliases

  • The UI can expose the domain (if listed in NEXT_PUBLIC_DOMAINS)

Common mistakes / important notes

  • PTR missing or wrong → outbound mail rejected

  • MX pointing to wrong host → mail never reaches your server

  • SPF not matching server IP → forwarded mail may fail DMARC

  • Domain added to DB before DNS → mail will fail even if alias exists

  • Using a hostname without A/AAAA → Postfix cannot identify itself correctly

Summary (checklist)

Before adding a domain to the database:

  • PTR → mail.your-domain.tld

  • mail.your-domain.tld → A / AAAA

  • MX → mail.your-domain.tld

  • SPF includes server IP(s)

  • DMARC present (at least p=none)

  • Domain inserted into domain table

Updated on
DB Cleanup Cronjob (optional)