Emails/DNS

MX
The most important DNS record, is the MX one. It is the one that allows other persons to find your server and send you emails
 * Name (@): This must point to the root of your domain
 * Type (MX): MX record indicate the recipient of emails
 * Value (10 smtp): Indicate that the server smtp.example.org will handle the emails of your domain. The number 10 represent the priority. YOu can add other servers with increasing priority (10, 20, 30...)

SMTP
This record is used for two purposes:
 * It is the one pointed by the MX record above. External server will send emails here.
 * It is also the one that you will use in your email client to send emails from your machine to other persons.
 * Name (smtp): This will be expanded to smtp.example.org
 * Type (A/AAAA): A for IPV4 and AAAA for IPV6. Note that as the above MX record is pointing to this one, you cannot use a CNAME here
 * Value: The IP address of your server

IMAP
This record is used for Dovecot.
 * Name (imap): This will be expanded to imap.example.org
 * Type (CNAME): A for IPV4 and AAAA for IPV6. Note that as the above MX record is pointing to this one, you cannot use a CNAME here
 * Value (server): The name of your server. You must have a corresponding server.example.org record with the IP address

SPF
The SPF record is a spam fighting tool. It allows to tell other mail server who is allowed to send emails on your behalf.
 * Name (@): This must point to the root of your domain
 * Type (TXT): The SPF record is of type TXT. You might might find some example using a SPF record, but this type of record is deprecated and should not be used
 * Value: The SPF record must follow a strict syntax. The example above allow the server pointed by the MX record to send emails and disallow all others. For more options, you can use a SPF record generator

DKIM
See Exim/DKIM

DMARC
DMARC is a technology built on top of SPF and DKIM. While the previous two allow to determine if an email from your domain is legitimate, DMARC indicate the recipient what to do when an email fail the test. A DMARC record look like this:
 * Name (_dmarc): This is a well known value. You cannot change it
 * Type (TXT): The DMARC record is of type TXT
 * Value: A DMARC record consist of several fields. The most notable ones are:
 * policy: indicate what to do with an email that fail the test. Values are:
 * none: Don't treat the email specifically. This is a good value to start with. Use it in combination with the reporting option to get reports before blocking emails.
 * quarantine: Mails are put in the Spam folder
 * reject: Mails are rejected. Recipient cannot see them anywhere
 * aggregate reports: Use this to receive a daily report of emails failing the test. You can parse them and get reports at websites like dmarcanalyzer.com
 * forensic reports: Same as the aggregate but get one report per email with more details. The site above parses them in their paid version To generate a valid record is is recommanded to use a dmarc wizard.

Mail
This record is used to access Roundcube.
 * Name (mail): This will be expanded to mail.example.org
 * Type (CNAME): A for IPV4 and AAAA for IPV6. Note that as the above MX record is pointing to this one, you cannot use a CNAME here
 * Value (server): The name of your server. You must have a corresponding server.example.org record with the IP address