can I remove `cloudron._domainkey`?
-
@potemkin_ai the DNS entry is required for DKIM which is used to verify email signature when sending mails. If you don't need any of your apps sending email, you can delete the key. Otherwise, currently, it cannot be renamed but I guess you can raise a feature request to make it renameable.
-
@nebulon yes, pretty much. 'cloudron' is just a way to avoid conflicts with existing DNS keys.
@potemkin_ai Can you raise a feature request here - https://forum.cloudron.io/category/97/feature-requests ? Also, see https://forum.cloudron.io/topic/4655/change-to-the-dkim-record-hostname-in-recent-version-caused-by-new-feature-or-from-using-no-ip-domain-provider for a previous related discussion.
-
@potemkin_ai There is no security risk by having the name "Cloudron" in a dns record - cloudron is pretty branded and emails, apps, etc all have cloudron somewhere on them. Not to mention the login screen which is accessible everywhere.
-
@murgero It may not be for risk-aversion, but more that the person is providing a service without telling the customers that it is Cloudron (I'm not judging here, just postulating). So if customers could see that it was a Cloudron, and how simple it is, hey... they might skip the provider and use Cloudron themselves!
-
@potemkin_ai I would recommend you re-read my response to you my friend. I did not say there was "no security risk in Cloudron".
-
@murgero re-read, my response remains the same, sorry.
You know the way security scanners (or script-kiddies) works, it's to scan the network (Internet), get hosts and they software; if there is zero-day on CloudRon or other not disclosed vulnerability, apply it across the hosts.
Having DNS records showing that there is CloudRon here means you don't even need to scan for the ports, which just simplify things.Hope that helps to understand my response here.