Ignacio Torres Masdeu

2015 wk.12: aws playground

Fastmail is quite nice and more than enough for my minimum needs concerning website hosting. But the lack of https support on custom domains bugs me since I embraced “private by default”.

Hence, as my personal domains are my means of testing new stuff, I decided this was a good moment to test out how AWS could cater this basic need. Free tier, here I come.


As this is a Jekyll static site syncing the _site directory to an S3 bucket seems a great option. And as I want to serve it through HTTPS I need to use Cloudfront.


Some guy on the Internet had a very good guide to setup cloudfront and S3 to serve static sites with subdirectories. There’s this gotcha that you can setup a default file (index.html) in Cloudfront but only at the root level. In S3 you can setup your bucket as a website to achieve index files in all the subdirectories, but then you need to create the connection between Cloudfront and S3 as a plain website, not as an S3 bucket.

DNS for Fastmail services

It turns out that you cannot serve a naked/apex domain with Amazon Cloudfront without using Route 53 so I was forced to leave Fastmail’s standard configuration and wade into its documentation to discover the utter inexistence of a list of DNS records. In Gandi you can copy and paste your zone info with BIND syntax. Not in Fastmail.

All in all I found the lack of comprehensive DNS info disturbing so here are my notes.

Fastmail standard DNS records

@                  IN MX 10 in1-smtp.messagingengine.com.
@                  IN MX 20 in2-smtp.messagingengine.com.

_caldavs._tcp      IN SRV 0 1 443 caldav-d333277.messagingengine.com.

_carddavs._tcp     IN SRV 0 1 443 carddav-d333277.messagingengine.com.

mesmtp._domainkey  IN TXT "v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvkC1+mEWX9IRlId82Z5bo10Xtbguz+/Qb4hOYE9n8HgFvW8b3krieeg+xbEdMyc9Gwob3YC8odpZIk1AYuB7/MqUeR4KouZjBC5cVdhSZjXNokei6fwcxgWQyVMDlfoAANzo1gCK6KIc6UWbw8kREdAcYFFMDBHVDFu7ufXBqWwIDAQAB"

_xmpp-client._tcp  IN SRV 5 0 5222 chat.messagingengine.com.
_xmpp-server._tcp  IN SRV 5 0 5269 chat.messagingengine.com.

; https://tools.ietf.org/html/rfc6186
_submission._tcp   IN SRV 0 1 587 mail.messagingengine.com.
_imaps._tcp        IN SRV 0 1 993 mail.messagingengine.com.

; webmail
mail               IN A
mail               IN A