Tag Archives: DNS record

Cheat sheet with the most common DNS records

The Domain Name System (DNS) is pretty extensive, and DNS records help for its easier management. So, for every beginner it is essential to know and understand the fundamental ones. Here is a short but very useful cheat sheet with the most common DNS records! 

A brief introduction to DNS records 

DNS record is a simple instruction related to a particular domain name. The entire collection of records is gathered in a zone file in the DNS zone. The authoritative DNS server of the specific domain name stores all of this information. Each record has its purpose and function. That is why all of them are very fundamental for the proper operation of the domain.

What is the purpose of RP record?

DNS records – Cheat sheet

SOA record: The Start of Authority record shows administrative data about the domain, plus contact info for the DNS administrator. Additionally, it also contains some fundamental parameters, such as Refresh rate and Retry rate.

A record: This record points a domain name to its corresponding IPv4 address. 

AAAA record: It is similar to the A record. However, it points a domain name to its associated IPv6 address.

MX record: The mail exchange record has the purpose of showing which is the mail server responsible for receiving email messages for the domain name.

CNAME record: This record is commonly used for subdomains. It shows which is the actual canonical domain. Thanks to it, you could manage your subdomains very easily.

NS record: This is also another very fundamental DNS record. Its goal is to indicate which is the authoritative name server for the domain name.

TXT record: This type of DNS record allows you to associate some text with a host, including human-readable information about a server, network, data center, etc. In most cases, it is used for email security.

PTR record: It is oftentimes called pointer record, and its purpose is exactly the opposite of the A record and AAAA record. The PTR record links an IP address to its associated domain name. The good news about it is that it operates perfectly both with IPv4 addresses and IPv6 addresses.

How to check them?

You could see all of the available DNS records for a particular domain name by using just one simple command – the Dig command. It has a command-line interface (CLI), and it works on almost every Operating System (OS), such as Linux, Windows, and macOS.

First, you should open the Terminal app if you are a Linux or macOS user. In case you are using Windows, you should open the Command Prompt.

Next, in case you want to view all of the DNS records that are available for a domain, you should type the following:

dig yourwebsite.com ANY

*Make sure to replace the example domain name with the one you desire to check.

You are going to receive the complete pack of DNS records and detailed information!

SPF record – What is it?

SPF record explained.

SPF record stands for Sender Policy Framework record is a DNS (Domain Name System) record that specifies essential information for a domain name. It points to the outgoing mail server that is responsible for the particular domain. The MX (Mail eXchanger) record serves to show which email servers are responsible for the incoming emails for the domain. On the other hand, SPF records indicate which email servers qualified for sending emails on behalf of the domain name.

Benefits of using SPF record

Let’s say you want to send an email to James@example.com. But, first, the incoming mail servers of example.com are going to check your domain name. Then, they are going to look for the SPF record and follow the rules that are set by it. Your email is going to be successfully received only in the case the SPF record is present. In another case, your email could end in the SPAM box of your recipient.  

How does it work?

With SPF records, domain owners are able to make a public list containing all of their authorized senders, which are the outgoing mail servers and their IP addresses. Thanks to that list, servers that receive emails are able to verify if the email is delivered from an authorized server to communicate on your company’s behalf. If that message is not received from some of the servers included in the list, the server receiving the email will consider it fake. 

Establishing rules with SPF record

The rules are based on two main groups. The first one is the qualifiers, and the second one is the mechanisms of the SPF record.

The SPF qualifiers are:

  • “-” That minus symbol indicates FAIL. It is a warning that messages coming from the domain must be rejected. 
  • “~” That tilde symbol indicates SOFT FAIL. The signal here is when a message comes from the domain, it should get a failed tag, although it can also be allowed.
  • “?” The question mark symbol indicates NEUTRAL. The signal, in this case, is that there are no policies involved (none).
  • “+” The plus symbol indicates PASS. Messages, which are coming from the domain are signalized that they should be accepted. 

The SPF mechanisms are: 

  • ” all” – All mechanisms after that it will be ignored.
  • ” include” – It provides you the opportunity to include more other domains that are able to send emails from the mail servers of the domain. You can unite example.itexample.co.uk, and example.de to send from example.com.
  • ” a” – When you pick it, then the A or AAAA records will require to get a match with the return path, and emails can be allowed.
  • ” mx” – When you select it, then an MX query requires to be completed and to get a match with the return path. If there is a match, then it is going to be allowed. 
  • ” ptr” – When you select it, then a PTR query requires to be completed and to get a match with the return path. It is allowed only if they match.
  • ” ip4” – This is going to review only A records (IPv4 addresses) to examine if they correspond to the domain.
  • ” ip6” – This is going to review only AAAA records (IPv6 addresses) to examine if the IP addresses match the domain.
  • exists” – This is for more complex queries.