So my problem is simple: I just need a solid answer so that I don't break the email service.
I have two servers, one for mail and the other for the web service. The web server is responsible for the SSL certificate renewal (I'm using the Let's Encrypt Certificate Authority).
My DNS A record is mail.example.com and points to the mail server IP. The MX record points to that A record.
The SSL certificates validation is made via DNS so I added another A record with the same hostname (mail.example.com) but pointing to the web server IP.
I tried this for a little while and it worked out (the validation succeeded and the mail service worked normally), but I'm not 100% sure about it, and it led me to the following thoughts:
1 - The A record for the web server was added afterwards, so in the DNS query the mail server IP comes first, and because of this everything works fine.
2 - I read somewhere that in the browser the DNS query results are used in a random order. If the first IP can't serve HTTP requests, the second will be used. I'm not sure about this, but could it be that for the mail service the same happens? If the first IP resolved does not accept mail, will it try the second one?
I would like to be clarified about this because I want to be 100% sure of what is happening and why, to prevent any problems in the future.
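A check for the setup described above, added here as an example and not part of the original post: it resolves every A record behind one host name and probes each address for the ports each service needs, so an address that answers SMTP but not HTTPS (or the reverse) is reported instead of being found by whichever client happens to pick it. The host name, the `192.0.2.x` addresses and the `SAMPLE_PORTS` table are constructed sample data, not the poster's real servers.

```python
"""Audit a split A record: which addresses answer for which service."""
import socket
from typing import Callable, Dict, Iterable, List, Tuple

# Ports a mail host and a web host must answer on.
SERVICE_PORTS = {"smtp": 25, "https": 443}

# Constructed sample: .10 is a mail-only server, .20 is a web-only server.
SAMPLE_PORTS = {"192.0.2.10": {25}, "192.0.2.20": {443}}


def sample_probe(ip: str, port: int) -> bool:
    """Offline stand-in for a TCP probe, driven by SAMPLE_PORTS."""
    return port in SAMPLE_PORTS.get(ip, set())


def tcp_open(ip: str, port: int, timeout: float = 3.0) -> bool:
    """True if a TCP connection to ip:port succeeds (real network probe)."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def resolve_a(hostname: str) -> List[str]:
    """All IPv4 addresses the resolver returns, in resolver order, deduplicated."""
    infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    seen: List[str] = []
    for info in infos:
        ip = info[4][0]
        if ip not in seen:
            seen.append(ip)
    return seen


def audit(addresses: Iterable[str],
          probe: Callable[[str, int], bool] = tcp_open) -> Dict[str, Dict[str, bool]]:
    """For every address, record whether each service's port answers."""
    return {ip: {svc: probe(ip, port) for svc, port in SERVICE_PORTS.items()}
            for ip in addresses}


def gaps(report: Dict[str, Dict[str, bool]]) -> List[Tuple[str, str]]:
    """(address, service) pairs where a client choosing that address gets nothing."""
    return [(ip, svc) for ip, svcs in report.items()
            for svc, ok in svcs.items() if not ok]


if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "mail.example.com"
    result = audit(resolve_a(host))
    for ip, svc in gaps(result):
        print(f"WARNING: {ip} does not answer for {svc}; clients picking it get no {svc}")
```

Run it with the real host name to probe live; any line printed means one of the two addresses cannot serve one of the services the name is expected to provide.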