4

I'm making a website which uses the subdomain as part of its name, e.g. really.cool.example (not the actual site, obviously) and have really@cool.example as the support/contact email address.

The website is hosted on Linode and I'm using Linode to manage the DNS. The mail server is on some cPanel provider elsewhere.

  • I have an "A record" for the subdomain really pointing to my Linode's IP address, and can access really.cool.website via a browser.
  • I have an MX record for cool.website (no subdomain) pointing to the server with cPanel and can send and receive emails to & from really@cool.example

So the above is working.

What I want now is to catch emails sent to an incorrect address on my domain. I set up "default email" on cPanel to forward to really@cool.example, and this works for emails like XYZ@cool.example

The bit I need help with is capturing emails to say support@really.cool.example which is an understandable mistake users might make.

If I send an email to support@idontexist.cool.example, I get a bounce back. However, if I send it support@really.cool.example it simply disappears into the ether, presumably because the subdomain really has an A record.

The question is how do I catch this?

I eventually want to redirect all of these domains to really.cool.example:

  • cool.example (i.e. blank/naked)
  • www.cool.example
  • www.really.cool.example

Because that's things users are likely to type by accident, but have not done so yet (I believe there's a few ways of doing this?)

What I'd like to know is:

  1. How I catch emails to support@really.cool.example
  2. What effect the redirects I plan to put in place will have on the email address (will it break what I already have, or even resolve the email wildcard?)

(I usually try to find things out myself, but with DNS it's unbearable not knowing if they are wrong or simply didn't propagate, especially if I'm going to be trying multiple permutations).

EDIT: for clarification:

  1. I want all the captured emails to end up in the same address really@cool.example (which already catches most wrong emails) not that I understand why that matters as surely if I can catch it at a different email address e.g. catch-all@really.cool.example then I can just forward them.
  2. I do not know where in the process I want to catch them, so long as I catch them, and am open to suggestions involving intermediate email addresses, or doing something on the subdomain server, if my goal cannot be achieved purely with DNS settings.
andyhasit
  • 163
  • 7
  • 2
    The question isn't how do you catch the mail, but where do you want it to go? You need to determine that first. – Michael Hampton Apr 24 '19 at 16:39
  • Does that really matter..? If someone can show me how to catch it, I can decide where to send it (likely to the same address which malformed top level domain emails get redirected to, which I already have working) – andyhasit Apr 24 '19 at 16:51
  • Yes, it matters. You have to "catch" it somewhere. Before you can catch it, you have to figure out where that is. – Michael Hampton Apr 24 '19 at 16:55
  • Ah. That's different to asking where it should go :-) I do not know where to catch it, which is why I'm asking the question (e.g. Do I need to create an MX record with the subdomain, will that work, would I need to create a new email address? Is there a better solution etc...) – andyhasit Apr 24 '19 at 17:00
  • Well, you already have a mail server. Why not use it? – Michael Hampton Apr 24 '19 at 17:08
  • Can you be a bit more specific? – andyhasit Apr 24 '19 at 17:13
  • You configure your existing mail server to accept mail for the domain, and then set the MX record. – Michael Hampton Apr 24 '19 at 17:25
  • I already have done all that for the root domain (see question). Are you saying I should also set up the mail server to handle mail for the subdomain? – andyhasit Apr 24 '19 at 17:28
  • 1
    I'm saying you _can_ do. – Michael Hampton Apr 24 '19 at 17:31
  • `.website` is a real TLD, existing and live today, see https://www.iana.org/domains/root/db/website.html. DO NOT USE it for obfuscation purposes, this is bad and hence my downvote. Use RFC2606 for guidance on how to obfuscate. Basically use `.TEST` or `.EXAMPLE` as TLDs if really needed to obfuscate (which is rare) – Patrick Mevzek Apr 24 '19 at 22:46
  • Each level of the DNS works in the same way. So in the same way that you put a MX record for `cool.example` you can put an MX for `really.cool.example` and point both to same SMTP server or different ones. – Patrick Mevzek Apr 24 '19 at 22:47
  • @PatrickMevzek that's the question updated in terms of obfuscation, thanks for the tip! – andyhasit Apr 25 '19 at 11:59

2 Answers2

4

Simple: Set an MX record for real.cool.website and every other subdomain you actually have an A/AAAA or CNAME record for pointing to the cPanel server (and make sure it handles that mail)

For everything else that you want to catch (e.g. misspellings), you can add a wildcard MX entry also pointing to that cPanel server (again making sure it will actually handle this).

You need to add explicit MX records for every name you have DNS records for, as MX wildcards don't match if you have any other records (see this Q&A.

Of course all of this assumes you want your primary mail server to actually handle all mail.

All that said: IMHO you should only really accept mail for real domains you want to have mails - let wrongly spelled and otherwise invalid addresses bounce so that users are aware of their error.

Also note: Any question regarding your cPanel mail server (e.g. how to make it handle subdomains) would be off-topic and are not welcome here.

Sven
  • 97,248
  • 13
  • 177
  • 225
2

I'm answering own question (but accepting Sven's answer) as there's more to this, and understanding it may help others.

Given a domain cool.example with an A record for subdomain really.cool.example, and an MX record for cool.example what will happen is this:

  • emails to contact@idontexist.cool.example bounce back instantly
  • emails to contact@really.cool.example "seem" to disappear with no bounce back

But what is actually happening is that emails sent to contact@really.cool.example will eventually result in a "delivery failed" message, but only after a few days of trying, which, when testing, may give the impression they end up nowhere.

This because the subdomain idontexist.cool.example cannot be found at all so results in an immediate bounce back, whereas really.cool.example is found (because of the A record) but cannot handle mail (because there's no MX record) and so the mail service keeps trying for a few days.

The solution, as @Sven and @Michael Hampton point out, is to create an MX record for any subdomain you wish to capture mail for (being mindful that MX wildcards don't match if you have any other records, which is very likely if your site is entirely on a subdomain, so you need to create explicit MX records).

@Sven also says:

you should only really accept mail for real domains you want to have mails - let wrongly spelled and otherwise invalid addresses bounce so that users are aware of their error.

I agree with that, but the problem is how long the user has to wait to be informed that they made an error - which in the case of an email sent to a subdomain for which there is an A/CNAME record but no MX record could be a few days, which is probably not acceptable.

To get round this you can:

  1. Create a NULL MX record for the subdomain (preference of 0 and point to ".") which will cause an immediate bounce back, but not all DNS providers or their interfaces* let you do this.
  2. Create an MX record pointing to a mail server configured to send an automated reply, just so the user isn't left hanging for a few days.

*e.g. at time of writing Linode's web interface does not allow this, yet it seems possible to achieve this via Linode's CLI tool.

andyhasit
  • 163
  • 7