The primary lookup key is the domain name, so for clarity let's swap columns in your zone:
NAME → TYPE DATA
------ ------ -------------------------------------------
@ A VPS_IP_ADDRESS
mail A SHARED_IP_ADDRESS
mail CNAME example.com
mail MX 0 example.com.
mail TXT "v=spf1 +a +mx +ip4:SHARED_IP_ADDRESS ~all"
www A VPS_IP_ADDRESS
Now some problems should become more obvious.
The records for your website are okay – both the bare domain, and the www
subdomain, have A records pointing to the web server. However, your mail setup is a complete mess.
The CNAME record
CNAME means "completely alias this subdomain to example.com
". In your situation that's 1) undesirable, since it'd add a wrong A record to the mail
subdomain; 2) illegal, since you cannot mix CNAME and non-CNAME records on the same subdomain, 3) illegal, because the mail
subdomain will be the target of MX, which doesn't allow CNAMEs.
Delete it.
The MX record
When people send mail to something@example.com
, they will look for a MX record on example.com
– that is, the exact same domain as in the recipient's address. They will not look under some miscellaneous subdomain.
Your current MX record is backwards; it's on the mail
subdomain, pointing to the root domain (so incoming mail will never reach the shared-hosting server). You should change it to be the other way around:
NAME TYPE DATA
------ ------ -------------------------------------------
@ MX 0 mail.example.com.
mail A SHARED_IP_ADDRESS
(Well, unless you want your address to be "something@mail.example.com"... But I doubt that.)
The "spf1" TXT record
When people receive mail from something@example.com
, again they will look for a "spf1" TXT record on example.com
, exactly as in the sender's address. So your current record is also in the wrong place: it should be under the bare domain.
NAME TYPE DATA
------ ------ -------------------------------------------
@ TXT "v=spf1 +this +that ~all"
Its contents are also somewhat redundant. You don't need +a
, unless you're planning the web VPS itself to be sending mail directly. (But it shouldn't be doing that – it should go through the shared-hosting provider's SMTP server, so that messages can be properly DKIM-signed.)
You also shouldn't need both +mx
and +ip4:SHARED_IP_ADDRESS
, because your MX record will be pointing to that IP address anyway.
The "DKIM" TXT record
This seems to be correct – assuming you obtained it from the shared-hosting email provider.
Thanks a million for all the clarifications. Can't believe I was mixing up things that much. Applying changes and will inform of the result shortly. Thanks again. – Mehmet Koçali – 2018-02-22T15:49:55.997