Mail server: domain/sub-domain question


Sorry to drag you all into another “mail server 101”!

My YunoHost server

Hardware: Second hand HP Pro 3330 4gb RAM
YunoHost version: 3.6.4
I have access to my server : SSH, webadmin, directly via screen
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : No. Nothing beyond the defaults / following standard documentation.

Description of my issue

I have a domain registered with Gandi DNS. I’ve setup Yunohost to be accessible on the sub-domain (A record). I intend to use for the main website (a _ynh package of some sort).

I would like to have users have their email addresses on and not However, my main domain for Yunohost (used at post-install time) is the domain.

So, I am wondering, can I choose at post-install time, as I have done and then still configure my DNS records to use as the main email domain? What should I keep in mind for this?

I was unsure because yunohost domain dns-conf and yunohost domain dns-conf are giving me very different configurations: gives me all the DKIM/DMARC/SPF stuff.


The documentation is helpful! But: “For specific needs or specific setups, and if you know what you’re doing, you might want or have to tweak these or add additional ones (e.g. to handle subdomains).” can hopefully be expanded. I think it’s a pretty standard need to allow for a “” or whatever when setting up a Yunohost. I will try to do this as my understanding improves.

Huh, does the:

mail._domainkey 3600 IN TXT "v=DKIM1; k=rsa; p=someHuuuuuuugeKey"

Mean that you should have a “” A record setup (because mail._domainkey)?

OK, I managed to get my 10/10 rating …

Here’s my Gandi DNS text entry (amended some details …):

* 1800 IN A {IP}
@ 1800 IN A {IP}
@ 1800 IN CAA 128 issue ""
@ 1800 IN MX 10
@ 1800 IN TXT "v=spf1 a mx ip4:{IP} -all"
_dmarc 1800 IN TXT "v=DMARC1; p=none"
_xmpp-client._tcp 1800 IN SRV 0 5 5222
_xmpp-server._tcp 1800 IN SRV 0 5 5269
login 1800 IN A {IP}
mail 1800 IN A {IP}
mail._domainkey 1800 IN TXT "v=DKIM1; h=sha256; k=rsa; p={KEY}"
muc 1800 IN CNAME @
pubsub 1800 IN CNAME @
vjud 1800 IN CNAME @
xmpp 1800 IN A {IP}

Where is my yunohost admin/sso login domain. I’ve got,, etc. registered as domains with lets encrypt certifications in the yunohost admin.

The PTR record remains a bit of a mystery but I’ve got a guess for it :wink:

Hopefully this helps someone! I’ll try to submit a documentation patch …

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.