OS X Server - Mail - is this setup secure? smtp blacklisting safe?
Here's my setup:
I have a domain, example.com registered with a domain registrar. The public DNS records are hosted by them. They contain
MX some-mx-domain.service.com priority 10 (hosted by MX Logic)
MX some-other-mx-domain.server.com priority 10 (hosted by MX Logic)
A records
example.com -> 0.0.0.0 (my static IP)
mail.example.com -> 0.0.0.0 (my static IP)
My ISP provides a static IP so I point the A records to my router. MX Logic handles the mx records for me. This allows me to add filters and also to hold mail if my mail server is unavailable.
On the LAN side, OS X server hosts Mail. I setup Mail to relay messages to ISP (MX Logic).
Local DNS has
primary zone: example.com
mx1.example.com priority 10
mail.example.com -> local IP of OS X Server Mail
Here are my questions:
1) Shouldn't the local DNS MX record allow for IP address and not just priority? Lets say I want to setup a second OS X Mail server. If I create a DNS entry for the primary zone as mx2.example.com priority 20, how does it know to reach the second mail server if there's no IP associated with it? It doesn't provide for IP Address field.
2) By using MX Logic, am I safe from someone using mail.example.com as an smtp server? How can I verify that any unauthenticated SMTP requests will be rejected?
3) How can I verify my credentials are sent securely? I get a SSL warning on my iPhone since I didn't load the certificate authority to it yet. Does using SSL automatically make it secure? Is the password sent from the iPhone hashed too?