What is a DNS record? DNS records, or Domain Name System records, are the data that you store in your domain’s database. These records define how your website is hosted and what can be accessed on it. They tell the internet where to find your website and how to interact with it.
The Internet wouldn’t exist without domain names. A lack of domain names would force people to memorize numbers to access websites or be at the mercy of whatever website a search engine chooses to index. The Domain Name System, or DNS, is the foundation of domains. Even though we deal with it daily, most people have no idea what it is.
In this post, we dive deeper into what records are, the various types of DNS records that exist, and how to leverage them.
What is a DNS record?
DNS records are the building blocks of a domain naming system. They allow you to point a domain to a website, an email address, or another resource on the Internet.
A DNS record is a specific resource record stored in a DNS database that allows you to configure and control other information about your domain name. For example, you can set up your DNS records to tell the world what type of mail server your domain will use (e.g., Microsoft Exchange) or which IP address should be returned when someone visits your website.
DNS records are organized into zones, which correspond to one or more domains under your control. If you own example.com and example2.com domain names, each will have its own set of DNS records.
Common Types of DNS Records
A record
The A record is the most common form of DNS record. An A record points to an IP address for a website or domain name.
A record’s primary application is for IP address lookups. A web browser can load a webpage using the domain name by using an A record. We can therefore access websites on the Internet even though we don’t know their IP addresses.
The blackhole list based on the domain name system is another application for A records (DNSBL). In this case, spam mail is blocked using the A record.
For example, if you have an A record for www.example.com that points to its hosting server’s IP address 192.168.0.1
AAAA Record
AAAA records are part of the IPv6 protocol, which means they are used to assign IPv6 addresses to hosts on the Internet. They can be used to assign an IPv6 address to a hostname (the name of a computer or device) or a hostname to an IPv6 address.
This ability makes them incredibly useful for network administrators who want to assign their devices with custom IPv6 addresses without having to worry about the long strings of numbers that come with addresses like 2001:db8:0:0:0:0:16d9:a5b3 or 2001:db8:8c3f::17e9/128.
AAAA is similar to A records, other than that it stores the more recent IPv6 addresses instead of IPv4. It’s also required for every website hosted on the Internet that uses IPv6.
AAAA records point to IPv6 addresses like: 2001:0db8:85a3:0000:0000:8a2e:0370:7334.
.CNAME Record
CNAME records are used to create aliases for your domain. For example, if you have a website at www.example.com, you can use a CNAME record to set up an alias such that if someone types in www.example.com/blog, they’ll actually be taken to blog.example.com—instead of being taken to the root domain itself (www.example.com).
You can also use CNAME records to set up redirects between different versions of your website or app or between different subdomains on the same site.
Users can create a CNAME record for their domain www.example.net pointing to the server www.example.com:
www.example.net. IN CNAME www.example.com.
Nameserver (NS) Record
This record identifies the nameservers for a domain name. It is added to the zone file when you add a new domain to your account and must be set up correctly before creating any other records for that domain.
They tell others on the internet what nameservers you’re using to resolve domain names, making them an essential part of virtually every domain name system (DNS) configuration. NS records help users find their way around the web by providing an authoritative source for DNS information.
The following is an example of a nameserver (NS) record:
example.com NS ns1.example.com
Mail exchange (MX) Record
An MX record specifies the mail servers responsible for accepting email messages sent to a domain name. This kind of record is required if you want to receive email through your domain and Points to an A record or AAAA record that identifies one or more IP addresses on which your mail server(s) are hosted.
The following is a mail exchange (MX) record example for Google’s mail servers:
IN MX 10 aspmx.l.google.com.
TXT Record
It is a type of DNS record that allows you to add additional information about your domain in a textual format. They are typically used in email security and authentication practices
The TXT record’s purpose is to instruct the receiving server on how to validate the mail servers’ source information. The primary method employed by mail servers to demonstrate the validity of an email, particularly for SPF authentication, is the SPF TXT record.
Example of a TXT record (“v=spf1 include:_spf.google.com ~all”)
Common TXT record types
DMARC Record
DMARC email authentication protocol is one of the best ways to protect your brand against spoofing. By inserting a DMARC TXT record into your domain’s DNS settings, you can prevent attackers from sending malicious emails on behalf of your domain to your potential customers and employees.
A DMARC policy lets you tell mail receivers what to do with messages that fail authentication.
SPF TXT Record
SPF stands for Sender Policy Framework. It’s a method of preventing unauthorized use of your domain name in emails. It is a text file that you can create to prevent your email from being marked as spam, which can happen if someone uses your domain name without authorization, to send emails. If you want to set up an SPF TXT record, you’ll need administrative access to your domain’s DNS settings.
You can create this record by using an SPF record generator tool.
DKIM Record
DKIM (DomainKeys Identified Mail) helps ensure an email message is authentic by verifying that its contents haven’t been altered during transmission. It is effective against email interceptions, and in mail forwarding scenarios.
SOA Record
All domains use the Start of Authority records to specify their primary name server, the authoritative source for information about the zone, and responsible for the overall operation of the domain. This includes the email address and webmaster contact information.
This is an example of an SOA record for the domain name “example.com”:
ns1.domainname.com admin.domainname.com 21421331021 78403 6410 580402 300
SRV Record
A service record is used to specify a server’s location (hostname), providing a specific service in the network.
Here is an SRV record for a mail server:
_sip._tcp SRV 5 0 5060 servername.example.com.
Which type of DNS record identifies an email server?
The DNS record that identifies an email server is the “Mail Exchange” (MX) record. MX records specify the mail server responsible for accepting email messages on behalf of a domain name.
When an email is sent to an address at a specific domain, the sender’s email server looks up the MX records for that domain to determine where to deliver the email. The MX record lists the hostname of the mail server responsible for handling email for the domain, along with a priority value. If multiple MX records are present, the priority value determines the order in which the mail servers should be contacted.
By configuring the MX record for a domain, the domain owner can specify which email server should receive an email for their domain, allowing them to control their email infrastructure and ensure the reliable delivery of messages.
Why are DNS records important?
1) DNS records help you stay on top of security issues
When you change your DNS records, it tells the world what’s going on with your site. If someone tries to hack into your site or add malicious code, they’ll be alerted by the change in DNS records and can fix it before anyone notices anything out of the ordinary.
2) DNS records keep people from being able to reach your site if it gets hacked
If someone manages to get into your site and replace its content with something else (e.g., an advertisement), changing the DNS record will make sure that only those who know about the change will be able to see it—people who don’t know about it will just see a blank page instead!
Conclusion
If you want to start creating DNS records, our PowerToolbox will help you generate valid and error-free records for your domain with a single click. These records are optimized to your domain’s needs, syntactically accurate, and error-free. For expert guidance, contact us today!
- The Rise of Pretexting Scams in Enhanced Phishing Attacks - January 15, 2025
- DMARC for PCI DSS 4.0 Compliance – Mandatory from 2025 - January 12, 2025
- NCSC Mail Check Changes & Their Impact on UK Public Sector Email Security - January 11, 2025