EFA best practice (DNS recursion enabled)
Posted: 14 Apr 2020 13:34
First off I’ve been using EFA for years now and it’s a great solution, especially the grey listing feature, works wonders for the blanket SPAM my wife’s accounts get.
With the last update having DNS recursion disabled broke inbound email, that being said I understand it’s preferred to have recursion enabled. I have a split DNS setup and the email servers resolve to an external IP address with recursion set to enabled in EFA-Configuration, but EFA sits in a DMZ and needs to send email to the internal IP of the email load balancer. What is recommended for this situation? Is everyone adding static entries in EFA OS to resolve just the internal IP of the mail server/s and local domains? I would like to have my setup best practice if at all possible, to avoid issues in the future.
Hopefully I'm understanding this all correctly, please correct me if I'm wrong.
With the last update having DNS recursion disabled broke inbound email, that being said I understand it’s preferred to have recursion enabled. I have a split DNS setup and the email servers resolve to an external IP address with recursion set to enabled in EFA-Configuration, but EFA sits in a DMZ and needs to send email to the internal IP of the email load balancer. What is recommended for this situation? Is everyone adding static entries in EFA OS to resolve just the internal IP of the mail server/s and local domains? I would like to have my setup best practice if at all possible, to avoid issues in the future.
Hopefully I'm understanding this all correctly, please correct me if I'm wrong.