Advertisement
I have a dns with cloudflare. In te zone I have 2 A records. One example_com that point to a website and mail.example_com that point to our email server. Now we want to close down the website and only keep the mail server. In the dns, can I take away the example_com record and just keep the mail_example_com? Both are A records<\/p>\n
TIA<\/p>\n
Anders Yuran<\/p>","upvoteCount":5,"answerCount":5,"datePublished":"2024-08-23T15:22:40.241Z","author":{"@type":"Person","name":"havouza15","url":"https://community.spiceworks.com/u/havouza15"},"acceptedAnswer":{"@type":"Answer","text":"
I don’t see any reason you can’t delete your website A record. Since your MX A record is pointing to your mail server IP address then it shouldn’t be reliant upon your website A record at all.<\/p>\n
With that said, you should definitely be adding some TXT records to strengthen your email security. An SPF TXT record on your root domain as well as a _dmarc TXT record would be wise to add as soon as you can.<\/p>","upvoteCount":1,"datePublished":"2024-08-23T16:35:16.940Z","url":"https://community.spiceworks.com/t/newbi-dns-question/1109351/3","author":{"@type":"Person","name":"briangeng","url":"https://community.spiceworks.com/u/briangeng"}},"suggestedAnswer":[{"@type":"Answer","text":"
I have a dns with cloudflare. In te zone I have 2 A records. One example_com that point to a website and mail.example_com that point to our email server. Now we want to close down the website and only keep the mail server. In the dns, can I take away the example_com record and just keep the mail_example_com? Both are A records<\/p>\n
TIA<\/p>\n
Anders Yuran<\/p>","upvoteCount":5,"datePublished":"2024-08-23T15:22:40.304Z","url":"https://community.spiceworks.com/t/newbi-dns-question/1109351/1","author":{"@type":"Person","name":"havouza15","url":"https://community.spiceworks.com/u/havouza15"}},{"@type":"Answer","text":"
Usually you have www point to your website IP, but if you only use example.com<\/a> without a www then yes, assuming it isn’t used for something else, you can disable this record. Note I say disable, not delete.<\/p>\n I don’t think you can delete it, especially not if it’s just example.com<\/a> but you can change the IP it points to or the URL to something else, perhaps redirect it to the same place as email.<\/p>","upvoteCount":1,"datePublished":"2024-08-23T16:27:00.368Z","url":"https://community.spiceworks.com/t/newbi-dns-question/1109351/2","author":{"@type":"Person","name":"Rod-IT","url":"https://community.spiceworks.com/u/Rod-IT"}},{"@type":"Answer","text":" The security is well protected, I just mentioned the A. It also have Dkim, Spf and dmarc records. The mailserver score 10/10 wherever I test and even gmail accept it according to testresults<\/p>","upvoteCount":0,"datePublished":"2024-08-23T17:46:21.581Z","url":"https://community.spiceworks.com/t/newbi-dns-question/1109351/4","author":{"@type":"Person","name":"havouza15","url":"https://community.spiceworks.com/u/havouza15"}},{"@type":"Answer","text":" But…because it is a subdomain of your email domain, rather than an alternate domain (eg www.example), I would maybe think about just pointing it to the mail server IP, the issue here is it becomes susceptible to DNS poisoning, because a query for all your dns records by a delegating server will have an empty spot for example.com<\/a> that never gets overwritten, so it can be poisoned with a bogus IP by splicing attacks.<\/p>","upvoteCount":0,"datePublished":"2024-08-23T21:23:38.065Z","url":"https://community.spiceworks.com/t/newbi-dns-question/1109351/5","author":{"@type":"Person","name":"somedude2","url":"https://community.spiceworks.com/u/somedude2"}}]}}