Note: There's some opinionated ranting in this. You're free to ignore it :)
Ok, this is email we're talking about, so we should start by saying there is simply no way to guarantee deliverability of a message. SMTP was devised in a quieter, more trusting time. Since then, many people have implemented what they see as the final solution to spam, only to be amazed that it hasn't worked; or that the spammers have figured out how to defeat it; or that it relies on everyone having done it to be effective (or dozens of other reasons). What we have now is a mess of balkanized systems and half-implemented ideas that mean that it's practically impossible to ensure your message will get through.
My opinion is that most of the best practice should be centred around receiving email, rather than sending it. As a sender, it's not your job to ensure it meets whatever random measures the recipient has in place. It's their job to ensure their filtering doesn't block legitimate mail based on assumptions about what a mail message should look like; many of which don't take full account of the interesting ways in which mail can be routed and delivered.
> First, what I can't find anywhere is whether or not the domain name of the From: email address needs to match the domain name of the SMTP server.
In principle, no. There are many legitimate reasons why an MTA will send mail from addresses that have nothing to do with its own domain. You might come across systems that reject your mail for this reason, but this is not your problem. It doesn't hurt to have your PTR records match your domain and for the HELO announcement to match those, at least at the TLD; but anything that rejects purely because the From: domain doesn't match the PTR TLD is broken.
> If so, then I am confused by the advice given here, specifically (in a listing of bad case scenarios):
>
> > No SPF record for the domain being used in the HELO command.
SPF records are another of these "it sounds right in principle" ideas (See here for another rant on that subject) that has gained a lot of weight. The main problem for me is that a lot of MTAs unfairly punish domains that simply don't publish any SPF at all. Again, this is not your problem.
That said, I've put one in place for our domains, because it's not done to get mardy with customer sysadmins too frequently. It ends up being a political decision, rather than a technical one.
If you're going to use SPF and leave your PTR and HELO as abc.def.linode.com; then the SPF record for all of your From: domains should list that server as a sender. If you don't have control over foo.com and bar.com DNS, then you'll have to talk to someone who does.
> I'm currently using the linode.com SMTP+PTR domain and example.com From: address combination without much of any deliverability issue
and neither should you have. If you publish SPF at all and the linode.com server isn't listed, then you'll get bounced a lot. However, if you have listed it, or if example.com doesn't publish any SPF records at all, then you should be fine. (I repeat my earlier point that MTAs rejecting mail because there's no SPF published at all are broken and probably bouncing a lot of legitimate mail).
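The three outcomes described in the answer above (server listed, SPF published without the server, no SPF published), as an added example that is not part of the original answer. It is a simplified offline evaluator: the DNS data is constructed, the IP addresses come from documentation ranges, and `check_spf` is a hypothetical helper that handles only the `a`, `ip4`, `ip6`, `include` and `all` mechanisms.

```python
import ipaddress

# Constructed sample data standing in for DNS lookups (documentation IP ranges).
A = {"abc.def.linode.com": ["192.0.2.10"]}          # the sending server
TXT = {
    "foo.com": "v=spf1 a:abc.def.linode.com -all",  # lists the sending server
    "bar.com": "v=spf1 ip4:198.51.100.0/24 -all",   # publishes SPF, server not listed
    # example.com publishes no SPF record at all
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(domain, sender_ip, txt=TXT, a=A):
    """Evaluate the SPF record of `domain` for a connecting IP address.

    Receivers apply this to the envelope sender (MAIL FROM) or HELO domain,
    per RFC 7208. Mechanisms that need more DNS (mx, exists, ptr), CIDR
    suffixes on `a`, and modifiers such as redirect= are skipped here.
    """
    record = txt.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"                       # nothing published: no SPF verdict
    ip = ipaddress.ip_address(sender_ip)
    for term in record.split()[1:]:
        qualifier = "+"                     # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        mech, _, value = term.partition(":")
        mech = mech.lower()
        if mech == "all":
            matched = True                  # catch-all, normally the last term
        elif mech in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            matched = ip.version == net.version and ip in net
        elif mech == "a":
            hosts = a.get(value or domain, [])
            matched = ip in {ipaddress.ip_address(h) for h in hosts}
        elif mech == "include":
            matched = check_spf(value, sender_ip, txt, a) == "pass"
        else:
            matched = False                 # unsupported term in this sketch
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"                        # record ended without a match

if __name__ == "__main__":
    for d in ("foo.com", "bar.com", "example.com"):
        print(d, check_spf(d, "192.0.2.10"))
```
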
If you want to receive email you will want a static IP address for your mail server. In your case, I would have the mail service receive mail on your behalf as well. I would expect that the MX record would point to the provider's server. Consider adding an SPF record indicating that the mail provider will be sending email for your domain.
If you are sending email to the Internet you do need an MX of some sort. Your email provider is correct in requiring you to set up an MX record. Your MX can point to their domain.
Consider mapping www.mydomain.com to the Azure service; if you have other services you can use the same subdomain, or additional subdomains. mydomain.com does not need to have an A record, but will need an MX record.
Having a CNAME record for mydomain.com eliminates the ability to have subdomains.
Try something like:
mydomain.com. MX 10 mail.mailprovider.com.
mydomain.com. TXT "v=spf1 mx -all"
www.mydomain.com. CNAME mydomain.cloudapp.net.
Best Answer
DNS is not HTTP. It knows nothing about URLs. It only deals with domain names.
Therefore, adding an A or CNAME record that refers to a portion of your domain won't be possible. A record applies to the whole domain. If /customer is intended to be on a whole other server, then consider a subdomain like customer.mydomain.com. (Any DNS host that's worth the money you pay them will let you add records for subdomains besides "www".)