Using Sucuri Firewall the mx record must be changed.

May 15, 2019
12
2
3
California
cPanel Access Level
Website Owner
I'm using Sucuri WAF for an account. When setting it up--which is much like setting up Cloudflare--the email stops working. The support staff said the mx record had to be changed.

Their support staff required a cname record be created to point to the mail. Does that work for cpanel accounts in general. Will it help conceal my server's ip from attackers? Any advice to help resolve this question would be fantastic.
 

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,032
1,741
363
cPanel Access Level
Root Administrator
Hey there! In general, when cPanel creates a DNS zone, the MX record configuration looks like this:

Code:
domain.com.   14400   IN      MX      0       domain.com.
mail    14400   IN      CNAME   domain.com.
If you wanted to point the MX record to a different location, you can adjust the records to look like this, so the MX points specifically at mail.domain.com:

Code:
domain.com.   14400   IN      MX      0       mail.domain.com.
mail    14400   IN      A   1.2.3.4
As to "will it help conceal the server's IP" I don't think so - anyone sending mail still needs to connect to the mailserver, and querying the MX record will still return the IP address of the server/mailserver.
 
May 15, 2019
12
2
3
California
cPanel Access Level
Website Owner
Thanks. That helps. When setting up their WAF, it was similar to using cloudflare. However, my mail immediately stopped working, they said I need to change it like you pointed out above. After changing from the cpanel default mail settings to the second set of code you put above it worked.
 
  • Like
Reactions: cPRex

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
11,032
1,741
363
cPanel Access Level
Root Administrator
Neither is better, it's just a different way to handle mail. The default setting here:

Code:
domain.com.   14400   IN      MX      0       domain.com.
mail    14400   IN      CNAME   domain.com.
is what gets used for most domains, when you want the mail to be delivered locally. These records just configure the DNS so that domain.com and mail.domain.com point to the same place.

The second example:

Code:
domain.com.   14400   IN      MX      0       mail.domain.com.
mail    14400   IN      A   1.2.3.4
is what you'd use when you have the website on one server but want the mail to go to a different location, allowing you to specify the IP address of mail.domain.com.

So neither is "better" or "correct" - just different implementations to accomplish different configurations.