I'm setting up an email server and a web server on a VPS and in the near future I will probably need to wipe and reinstall the VPS. I used certbot to set up SSL and I've got a backup of /etc/letsencrypt so I can easily move that over to the new server. Do I need to preserve anything from the DKIM, DMARC, and SPF setups on this server or is it ok to generate it all again as long as I change the records with my domain registrar?
Asked
Active
Viewed 152 times
0
-
@anx No the domain and both IP addresses will be staying the same. How much would switching DKIM keys affect spam assessments? The first email I sent from the server turned up in my gmail fine. – Matthew Taylor May 13 '21 at 15:39
-
Just the keys? Little if any effect. Its changing *multiple* identifiers at the same time that can make such spam assessments stop considering your past. – anx May 13 '21 at 16:05
1 Answers
1
None of them "MUST" be preserved, but some or all can be.
For DKIM, you can make new keys and associated DNS records for the new server, or transfer the keys, or both.
For LE certs, you might want to keep copies "just in case" but when reinstalling, LE should authorize new certs and this is an easy way to be sure your server is configured correctly for when it comes time for automatic renewals.
DMARC and SPF are only DNS records for other servers. You may be using tools to evaluate mail received, but there are no keys associated, just configuration files.
Paul
- 3,037
- 6
- 27
- 40