Re: on to letsencrypt

On Sat, May 1, 2021 at 1:32 AM Ed Greshko <ed.greshko@xxxxxxxxxxx> wrote:
On 01/05/2021 15:31, Jack Craig wrote:
> seems to be working better, how many holes do you see at this point??

Since this now works....
Well, let's say it's limping along. As you point out below, it has some issues, but that's a great, huge step for me, thanks to you guys.

[egreshko@meimei ~]$ host ws.linuxlighthouse.com
ws.linuxlighthouse.com has address 108.220.213.121
ws.linuxlighthouse.com mail is handled by 10 ws.linuxlighthouse.com.

I'd say you're very close.  People outside of your network can now query just fine.

Yes the proverbial devil in the details

As for holes.....

1.  If you are going to host an email server then you have some changes to make.

Well, I'm not going to serve mail, but I do want to have my DNS properly configured,
so chasing down and resolving all these little issues is next.



Normally email addresses are "domain" addresses as opposed to "host" addresses.
So, you'd normally want your email address to be e.g. "jack@xxxxxxxxxxxxxxxxxxx".
But you don't have an MX record for your domain.  You have it for a host.
 
I actually have a host to serve this IP number so this error too must go

What's not clear to me is how I can expose that host/IP through my firewall
configuration, but in either case I want to get this MX configuration correct.


[egreshko@meimei ~]$ host ws.linuxlighthouse.com
ws.linuxlighthouse.com has address 108.220.213.121
ws.linuxlighthouse.com mail is handled by 10 ws.linuxlighthouse.com.

You'd really want these returns (I've, of course, made those up)

[egreshko@meimei ~]$ host linuxlighthouse.com
linuxlighthouse.com has address 108.220.213.121
linuxlighthouse.com mail is handled by 10 ws.linuxlighthouse.com.

and

[egreshko@meimei ~]$ host ws.linuxlighthouse.com
ws.linuxlighthouse.com has address 108.220.213.121

2.  You now want to fix your named.conf to have "recursion no;"  The default is "yes".
You don't want your DNS server acting as a server for every domain.  If someone queries
your server directly you want it to return (using cnn.com as the example).

This recursion option has been turned off right now, thank you for that.

Host cnn.com not found: 5(REFUSED)

3.  And, I think you already know this, your web server's cert is wrong.  The security
report is

It's a result of a confusion on my part about the difference between domain names and subdomains.
I am updating letsencrypt now and looking to verify my SSL layer is set up correctly.


This server could not prove that it is linuxlighthouse.com; its security certificate is from ws.linuxlighthouse.com. This may be caused by a misconfiguration or an attacker intercepting your connection

Linuxlighthouse.com is the domain name, ws.linuxlighthouse.com is the DNS servers' name.

It's definitely misconfiguration.  In this case there's nothing on this side of the firewall that any attacker would want :(





--
Remind me to ignore comments which aren't germane to the thread.

_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
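
Added example (not part of the original message or of any project's code): the certificate name mismatch from point 3, reproduced with RFC 6125-style matching of a hostname against a certificate's subjectAltName entries. The helper names and the three SAN lists are constructed for illustration; it also shows that a wildcard entry alone would still leave the bare domain uncovered.

```python
# Added example: why a certificate issued for ws.linuxlighthouse.com is
# rejected for linuxlighthouse.com. All SAN lists below are constructed.

def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")

def san_matches(pattern, host):
    """RFC 6125-style match of one dNSName entry against a hostname."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h):
        return False  # a wildcard never spans or drops a label
    if p[0] == "*":
        # Wildcard accepted only as the whole left-most label, and only
        # when at least two fixed labels follow it (so no "*.com").
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h     # partial wildcards such as "w*" are treated as literals

def cert_covers(san_list, host):
    return any(san_matches(s, host) for s in san_list)

def uncovered(san_list, served_names):
    """Names the web server answers for that the certificate lacks."""
    return [n for n in served_names if not cert_covers(san_list, n)]

# Names the site is reached by, taken from the thread.
SERVED = ["linuxlighthouse.com", "ws.linuxlighthouse.com"]

# Constructed SAN lists for three ways the certificate could be issued.
CASES = {
    "host only (the situation in the thread)": ["ws.linuxlighthouse.com"],
    "wildcard only": ["*.linuxlighthouse.com"],
    "apex + host": ["linuxlighthouse.com", "ws.linuxlighthouse.com"],
}

if __name__ == "__main__":
    for label, sans in CASES.items():
        print(f"{label}: missing {uncovered(sans, SERVED) or 'nothing'}")
```
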