From 2f7edafd0a0016d73689a7e57393a31a5b701cf7 Mon Sep 17 00:00:00 2001
From: Luke Smith
Date: Sat, 11 Feb 2023 11:09:24 -0500
Subject: [PATCH] mx record added and mail subdomain note
---
 README.md | 4 +++-
 emailwiz.sh | 9 +++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/README.md b/README.md
index f08a3ae..0238a36 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,9 @@ give your full domain without any subdomain, i.e. `lukesmith.xyz`.
 1. Debian or Ubuntu server. I suited this script for [Vultr](https://www.vultr.com/?ref=8940911-8H) servers originally, but it works consistently on any normal setup.
-2. DNS records that point your domain to your server's IP (IPv4 and IPv6).
+2. DNS records that point at least your domain's `mail.` subdomain to your
+ server's IP (IPv4 and IPv6). This is required on initial run for certbot to
+ get an SSL certificate for your `mail.` subdomain.
 ## Mandatory Finishing Touches
diff --git a/emailwiz.sh b/emailwiz.sh
index 9e6c04a..4167f88 100644
--- a/emailwiz.sh
+++ b/emailwiz.sh
@@ -331,6 +331,7 @@ pval="$(tr -d '\n' <"/etc/postfix/dkim/$domain/$subdom.txt" | sed "s/k=rsa.* \"p
 dkimentry="$subdom._domainkey.$domain TXT v=DKIM1; k=rsa; $pval"
 dmarcentry="_dmarc.$domain TXT v=DMARC1; p=reject; rua=mailto:dmarc@$domain; fo=1"
 spfentry="$domain TXT v=spf1 mx a:$maildomain -all"
+mxentry="$domain MX 10 $maildomain 300"
 useradd -m -G mail dmarc
@@ -338,9 +339,11 @@ grep -q '^deploy-hook = echo "$RENEWED_DOMAINS" | grep -q' /etc/letsencrypt/cli.
 echo "
 deploy-hook = echo \"\$RENEWED_DOMAINS\" | grep -q '$maildomain' && service postfix reload && service dovecot reload" >> /etc/letsencrypt/cli.ini
-echo "$dkimentry
+echo "NOTE: Elements in the entries might appear in a different order in your registrar's DNS settings.
+$dkimentry
 $dmarcentry
-$spfentry" > "$HOME/dns_emailwizard"
+$spfentry
+$mxentry" > "$HOME/dns_emailwizard"
 printf "\033[31m
 _ _
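Review bot: The added `mxentry` line ends with an unlabelled `300` after `$maildomain`; it is presumably a TTL, but none of the TXT entries above it carries one, so a reader copying the record into a registrar form has to guess what the number means and may paste it into the target field. Either drop it, `mxentry="$domain MX 10 $maildomain"`, or put a comment above the four assignments naming the fields, e.g. `# name, type, [priority,] value, [TTL]`. These assignments are top-level script code that continues outside the hunk.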
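Review bot: The NOTE sentence is written into `$HOME/dns_emailwizard` as its first line, so the file no longer holds only record lines and anything that later reads it line by line gets prose first. Prefix it so it reads as a comment, `echo "# NOTE: Elements in the entries might appear in a different order in your registrar's DNS settings.`, or keep the note in the terminal output only. The `printf` banner that follows starts in this hunk and continues outside it.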
@@ -357,6 +360,8 @@ $dkimentry
 $dmarcentry
 $spfentry
+
+$mxentry
 \033[0m
 NOTE: You may need to omit the \`.$domain\` portion at the beginning if inputting them in a registrar's web interface.