Explanations: some rewrite.
This commit is contained in:
parent
6dd342d952
commit
915e779511
@ -60,20 +60,22 @@ basics :: forall w i. HH.HTML w i
|
|||||||
basics = HH.div_
|
basics = HH.div_
|
||||||
[ Bulma.h3 "Basics of DNS"
|
[ Bulma.h3 "Basics of DNS"
|
||||||
, Bulma.p """
|
, Bulma.p """
|
||||||
The domain name system lets people share a name instead of an address to find a website or service.
|
The domain name system (DNS) enables people share a name instead of an address to find a website or service.
|
||||||
|
"""
|
||||||
|
, Bulma.p """
|
||||||
To configure a zone, the first steps are trivial.
|
To configure a zone, the first steps are trivial.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
, Bulma.hr
|
, Bulma.hr
|
||||||
, Bulma.h3 "I have something to host."
|
, Bulma.h3 "I have something to host."
|
||||||
, expl' "Let's assume you have a web server, you host your website somewhere (A and AAAA records)."
|
, expl' "Let's assume you have a web server and you host your website somewhere (A and AAAA records)."
|
||||||
, Bulma.p """
|
, Bulma.p """
|
||||||
You want an A (IPv4) or AAAA (IPv6) record pointing to your server, named "enigma" for example.
|
You want an A (IPv4) or AAAA (IPv6) record pointing to your server, named "enigma" for example.
|
||||||
"""
|
"""
|
||||||
, expl' "You need other names pointing to your server (CNAME records)."
|
, expl' "You need other names pointing to your server (CNAME records)."
|
||||||
, Bulma.p """
|
, Bulma.p """
|
||||||
You may not want to use the name of your server "enigma" directly.
|
You may not want to use the name of your server "enigma" directly.
|
||||||
Instead, you want the usual names for your services, such as "www" or "blog".
|
Instead, you may want the usual names for your services, such as "www" or "blog".
|
||||||
CNAME records are basically aliases, exactly to that end.
|
CNAME records are basically aliases, exactly to that end.
|
||||||
"""
|
"""
|
||||||
, expl' "If you have other servers, just add more A or AAAA records."
|
, expl' "If you have other servers, just add more A or AAAA records."
|
||||||
@ -96,10 +98,10 @@ basics = HH.div_
|
|||||||
This won't be covered here.
|
This won't be covered here.
|
||||||
"""
|
"""
|
||||||
, Bulma.p """
|
, Bulma.p """
|
||||||
You need a MX record pointing to your "www" A (or AAAA) record.
|
You need an MX record pointing to your "www" A (or AAAA) record.
|
||||||
"""
|
"""
|
||||||
, Bulma.p """
|
, Bulma.p """
|
||||||
Having a MX record isn't enough to handle a mail server.
|
Having an MX record isn't enough to handle a mail server.
|
||||||
You need to use a few spam mitigation mechanisms.
|
You need to use a few spam mitigation mechanisms.
|
||||||
"""
|
"""
|
||||||
, Bulma.columns_
|
, Bulma.columns_
|
||||||
@ -113,10 +115,10 @@ basics = HH.div_
|
|||||||
]
|
]
|
||||||
, col
|
, col
|
||||||
[ expl' """
|
[ expl' """
|
||||||
Spam mitigation 2: prove the mails come from your mail server with DomainKeys Identified Mail (DKIM).
|
Spam mitigation 2: prove that the mails come from your mail server with DomainKeys Identified Mail (DKIM).
|
||||||
"""
|
"""
|
||||||
, expl_txt """
|
, expl_txt """
|
||||||
You'll have to configure your mail server to sign the emails you send.
|
You will have to configure your mail server to sign the emails you send.
|
||||||
This involves creating a pair of keys (public and private).
|
This involves creating a pair of keys (public and private).
|
||||||
Your mail server will sign the mails with the private key,
|
Your mail server will sign the mails with the private key,
|
||||||
and other mail servers will verify the signature with the public key.
|
and other mail servers will verify the signature with the public key.
|
||||||
@ -130,6 +132,10 @@ basics = HH.div_
|
|||||||
, expl_txt """
|
, expl_txt """
|
||||||
Last but not least, DMARC.
|
Last but not least, DMARC.
|
||||||
"""
|
"""
|
||||||
|
, Bulma.hr
|
||||||
|
, Bulma.p """
|
||||||
|
DMARC enables to check the "From:" field of a mail, based on the SPF and DKIM mechanisms.
|
||||||
|
"""
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
|
|
||||||
@ -261,16 +267,16 @@ dkim_default_algorithms =
|
|||||||
spf_introduction :: forall w i. Array (HH.HTML w i)
|
spf_introduction :: forall w i. Array (HH.HTML w i)
|
||||||
spf_introduction =
|
spf_introduction =
|
||||||
[ HH.p []
|
[ HH.p []
|
||||||
[ HH.text "Sender Policy Framework (SPF) is a way to tell "
|
[ HH.text "Sender Policy Framework (SPF) is a way to tell the "
|
||||||
, HH.u_ [HH.text "other mail servers"]
|
, HH.u_ [HH.text "other mail servers"]
|
||||||
, HH.text " what are mail servers susceptible to send mails with email addresses from "
|
, HH.text " which are the mail servers supposed to send mails from "
|
||||||
, HH.u_ [HH.text "our domain"]
|
, HH.u_ [HH.text "your domain"]
|
||||||
, HH.text ". "
|
, HH.text ". "
|
||||||
]
|
]
|
||||||
, HH.p []
|
, HH.p []
|
||||||
[ HH.text """
|
[ HH.text """
|
||||||
This way, we can mitigate spam.
|
This way, we can mitigate spam.
|
||||||
A server receiving a mail with our email address but coming from an IP address we didn't list as authorized will be discarded.
|
A server receiving a mail from your email address but coming from an IP address we didn't list as authorized will be discarded.
|
||||||
This is not a bullet-proof technique, but it's simple enough and works great with the most basic forms of spam.
|
This is not a bullet-proof technique, but it's simple enough and works great with the most basic forms of spam.
|
||||||
"""
|
"""
|
||||||
]
|
]
|
||||||
@ -278,10 +284,10 @@ spf_introduction =
|
|||||||
[ HH.text "A correctly configured domain with a mail server should only advertise the right IP addresses that can possibly send mails from the domain."
|
[ HH.text "A correctly configured domain with a mail server should only advertise the right IP addresses that can possibly send mails from the domain."
|
||||||
]
|
]
|
||||||
, HH.p []
|
, HH.p []
|
||||||
[ HH.u_ [HH.text "Advice for novice users"]
|
[ HH.u_ [HH.text "Advice for beginners"]
|
||||||
, HH.text """
|
, HH.text """
|
||||||
: default values should work great with simple domains.
|
: default values should work great with simple domains.
|
||||||
Make sure to have a MX record, which should be pointing to an A or AAAA record, and that will do it. 🥳
|
Make sure to have an MX record, which should be pointing to an A or AAAA record, and that will do it. 🥳
|
||||||
"""
|
"""
|
||||||
]
|
]
|
||||||
]
|
]
|
||||||
|
Loading…
Reference in New Issue
Block a user