1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
---
layout: post
title: Server stuff
date: 2022-01-20 18:55 +0100
category: tech
language: en
description: "I experiment with SPF, DMARC and DKIM."
---
So, nothing special.
I experimented with my vServer, set up Postfix (read: replaced exim as smarthost client
and set up Postfix as regular mail server).
Being technically interested, I also set up SPF and DMARC for my existing domains.
Then I set up DKIM for my vServer (was already setup on my regular domains by
my web hoster), together with SPF and DMARC.
I also contacted the all-inkl support to move my servers, so I could finally update
Nextcloud (since MySQL 5.x on the old servers would no longer be supported).
Finally, I found about about DANE. Unfortunately, I can only set this
up on my vServer, since it required to put the certificate hash as DNS record.
Using letsencrypt certificates, which are renewed every ~ 90 days, this makes
it very ugly. On my vServer, I can configure the ACME client to reuse the key
(has stays the same, DANE record stays valid). However, with my web hosting,
this is not an option. Oh well.
|