DNS DNS records

How To Use SPF To Protect Your Domain reputation.

The reputation of your business (domain) is an essential asset you must protect at all costs. It means a lot for your clients: trustability and reliability. These are strong triggers for them to pick you or to choose your competitors.

Crime techniques used on the Internet to cheat users get multiplied, and we must be very aware. In some cases, they use your positive domain reputation to defraud your own clients. 

​What is SPF?

The sender policy framework or SPF is a system for validating the legitimacy of an e-mail server. It’s a helpful and efficient system to avoid spoofing and to enhance e-mail servers’ reliability.

Having SPF, you can authorize the only e-mail servers that can send messages on behalf of your domain. 

How to create an SPF record?

​What is an SPF record?

To enable SPF, you have to add an SPF record for your domain name. An SPF record is a DNS record from the TXT DNS type. It holds the necessary information that allows verifying which e-mail servers are truly authorized to send messages from the name of your domain name.

Once the SPF record provides that information, the e-mail server can be verified, validated, or not.

Using the SPF record, specifically its qualifiers and mechanisms, you or your administrator can establish rules, as strict as you decide, to verify. 

DNS SPF mechanisms:

  • “include” allows adding more domains (like example.com to example.net) for sending e-mails from the mail servers of the domain where the SPF record is hosted.
  • “all”, all mechanisms after it are to be ignored.
  • “a”, if you pick A, it means the A or AAAA records have to match with the return path for e-mails to be allowed.
  • “ptr”, picking this means the PTR query has to be performed and to match the return path. Only if there’s a match, there’s allowance.
  • “mx”, picking this means an MX query has to be performed and to match the return path. Only if there’s a match, there’s allowance.
  • “exists”, used for complex queries.
  • “ip4”, checks A records exclusively to verify whether addresses correspond to the domain or not.
  • “ip6”, checks AAAA records exclusively to verify whether addresses correspond to the domain or not.

DNS SPF qualifiers:

  • “+” means PASS. Therefore, messages from the domain should be accepted. 
  • “-” means FAIL. Messages from the domain must be rejected.
  • “~” means SOFT TAIL. Messages from the domain should get a failed tag, but they can be allowed.
  • “?” means NEUTRAL. No policies are involved.

​How to use it to protect your domain reputation?

By enabling SPF, you will stop bad actors from sending e-mails from your domain. 

Your clients won’t receive malicious messages from your domain name, and you will avoid complaints and anger from them.

To prevent dangerous phishing is not minor. To be pointed as malicious, risky, or to be accused of stealing sensitive clients’ data can totally sink your domain’s reputation. 

Ensure that your legit messages successfully reach your clients and providers. 

You can plan the best promotions or punctually order new supplies. But if your messages can’t reach your clients or providers, results won’t be positive. This can happen because your e-mails go directly to the SPAM folder. If there’s no way to verify that your messages are legit, they can be discarded for security. 

Conclusion.

SPF is a great alley to protect your domain reputation. Avoid the risk of losing trustability, clients, or getting banned. Enable SPF!

Network

3 types of Load Balancing

Load balancing is a method of traffic management that will redirect the incoming traffic to your multiple servers. That way, non of them will get all the traffic, they will be able to manage less traffic better, and your network will be stronger. Now we will look 3 types of Load Balancing and how do they differ from one another.

Network load balancing

The network load balancing is ideal for balancing TCP and UDP traffic from clients over the internet. It operates on Layer 4 (the transport layer) of the OSI model (Open Systems Interconnection Model). When the network load balancer receives the traffic, it uses its algorithm and directs the traffic to one of the predefined servers in its list. It opens a TCP connection on the designated port and forwards the requests without modifying them. Not modifying them, but also not inspecting them, which means that the traffic is not checked about malicious packets, not it is organized based on the type of traffic it is. The focus here is just to transfer the traffic to various servers that are on the network.

You can use it when you are expecting large TCP or UDP traffic spikes, and you want to keep the packets unchanged.

It is easy to set up, scalable and it can save you during times of extreme traffic.

Classic

The Classic load balancing is very similar to network load balancing. It also can manage TCP and UDP, but also SSL, HTTP, and HTTPS traffic. The big difference here is that it works both on Layer 4 and Layer 7 of the OSI model. It has 3 components: the Classic load balancing instances, Listeners, and the Back-end servers.

The CLB instances will capture the traffic and distribute it to the Backed servers.

The Listeners will check the Back-end servers and see if they are functional. If any of them is down, they will give instruction to the CLB not to direct traffic to them until they are back in order.

The Classic load balancing is relatively economical, easy to set up, and provides good availability.

It also supports sticky sessions, so if a client connects to a particular Back-end server, it will stick to it and won’t go and connect to another for the time of the session.

Application load balancing

The Application load balancing works only on layer 7 (the application layer) of the OSI model. Here the load balancer is more intelligent and uses many parameters like hostname, host location (IP address), port number, and other parameters of the query. It supports protocols like HTTP, HTTPS, and WebSockets. It supports a sticky session that keeps the session open and doesn’t redirect to another instance. The Application load balancer checks the Back-end servers for different parameters and can take more advanced decisions regarding traffic distribution. It has the same components as the Classic one: load balancers, listeners, and back-end servers.

These are the 3 types of Load Balancing. You should pay attention to the protocols they use and at what level of the OSI model they work to properly understand them.

DNS

Why is it important to use rDNS service?

Did you configure the rDNS zone of your domain properly? Well, if you don’t remember, soon you will know it. Your e-mails will go missing or directly to the SPAM folder. When it’s about configuring your host, it’s not enough to set up only a Forward DNS zone. You need an rDNS zone too. 

From now you have a clue about why it is important to use rDNS service, and it’s not minor! But let’s dig a bit more into the topic.

​​What is rDNS?

The reverse DNS or rDNS is a service that allows the execution of reverse DNS lookups. A forward DNS maps domain names to their corresponding IP addresses. Reverse DNS maps IP addresses to domain names. 

Managed DNS plans usually include rDNS service. If not, providers offer it for you at a cost. What you can do when you have it, it’s to generate a reverse DNS zone. There you will add pointer or PTR records. They are useful to prove the match between the IP addresses and the domain name.

Servers from other enterprises can backtrack the IP address to the domain via the PTR records. This way, they can know everything is legit and be protected from scams. 

​​What is a PTR record?

A pointer or PTR record is a type of DNS record that associates an IP address and the hostname.

Whenever an administrator or a server has to verify if an IP address truly belongs to a specific domain, they execute an rDNS query and look for the PTR records in the reverse DNS zone. In case that the PTR record or records can’t be found, this can provoke an authentication issue and more. For instance, e-mails won’t be delivered correctly, or they will be considered SPAM.

Why is it important to use rDNS service?

  • Basically, if you don’t set up the rDNS, the e-mail servers of people (clients, other companies, your providers, etc.) who want to send you e-mails won’t be able to verify your domain, and you might not be able to send or receive e-mails. Communication is essential for businesses!
  • It will support your reliability for clients as a legit product or service provider.
  • The rDNS service is very important for IP networks owners because they all need to perform reverse lookups. 
  • E-mails for everybody, but especially for businesses, are a professional way to communicate with clients, a way to close deals, or to get opportunities. Not ensuring that messages are correctly sent or received can really mean a loss for you and your pocket. 

Best 3 rDNS providers. 

ClouDNS has suitable choices for all businesses sizes. As a reference, see its rDNS Premium S. costs $2.95 monthly. Moreover, its rDNS service is built on Anycast DNS network, meaning speed and security for you!

Constellix offers you a robust infrastructure and a different payment model. It doesn’t charge a subscription, only what you use (pay-per-usage). 

easyDNS is a reliable provider in the market since 1998. It’s easy to use, and its rDNS is available for $24.95 yearly. 

Top Affordable Premium DNS Hosting providers

Conclusion.

To operate without rDNS is too risky for your business! E-mails that don’t reach their proper destination don’t exist for your clients. Don’t lose! Get a quality rDNS service and prevent problems. Remember that one stitch on time can save you nine later!

DNS

​Top Affordable Premium DNS Hosting providers

When you think about DNS hosting providers and have seen just the big cloud providers like AWS, Microsoft, and Google, you might get scared of the price. Yes, these 3 can have high prices and very difficult to understand cost structures. But, don’t feel down. Here we have many more excellent affordable premium DNS hosting providers that won’t break your budget.

​ClouDNS

The most economical plan of ClouDNS starts at $2.95 per month and includes:

  • 25 DNS zones
  • 1000 DNS records
  • 5 000 000 queries per month
  • DNSSEC
  • Anycast DNS
  • Reverse DNS
  • Secondary DNS

The premium plans go between $2.95 (Premium S) and $79.95 (GeoDNS Business). A more expensive plan can get you more servers (4), more PoP (34), DDoS protection, GeoDNS, up to 400 DNS zones, 20 000 DNS records, and unlimited queries.

​Zilore

Zilore has a DNS plan starting at $5 per month and includes:

  • 5 domains
  • 1000 DNS records
  • 10 000 000 queries per month
  • DNSSEC
  • Anycast DNS
  • Web interface only
  • DDoS protection

The premium plans go between $5 (Personal) and 250 (Business)

In the other plans, the number of queries is unlimited, and it is the same with the number of DNS records. You can get Geo DNS, Failover IP, Lower TTL values (minimum of 1 minute), Statistics, web forwards (up to 10 per domain), API, SLA (99.95%).

​DNSimple

The prices of DNSimple start at $6 per month, and it includes:

  • 5 domains
  • Unlimited DNS records
  • Unlimited DNS queries
  • Anycast DNS
  • Secondary DNS
  • DNSSEC
  • 1 user

If you pay more, you can get the “Business” plan for $300 per month, including 100% SLA, Vanity servers, priority support, HTTPS redirects, DDoS Defence, and unlimited users.

​EasyDNS

The starter plan of EasyDNS begins at $20 per year ($1.66 per month) without a domain name registration, and it includes:

  • Unlimited DNS records
  • 1 000 000 queries per month
  • 15 PoP
  • 3 Anycast DNS servers
  • Dynamic DNS
  • DNSSEC
  • IPv6 support

Premium plans are from $20 per year (Standard) to $155 per year (Enterprise).

You will get up to 5 000 000 queries per month, up to 26 PoP, up to 4 Anycast DNS servers, up to 3 DNS failover, and Geo DNS.

​No-IP

Here, form No-IP you have only 1 Managed DNS plan – the Plus Managed DNS. It cost $29.95 per year ($2.50 per month).

  • 50 hostnames (DNS zones)
  • Unlimited queries per month
  • 100 PoP
  • Anycast DNS

​DNSmadeeasy

The cheapest plan from DNSmadeeasy starts at $5 per month and includes:

  • 25 domains
  • 7500
  • 10 000 000 queries per month
  • 3 failover records
  • API

The premium plans go between $5 (Business) and $125 (Corporate)

Here you get 50 domains, 15 000 DNS records, 50 000 000 queries per month, 3-factor verification, 10 Failover records.

​Namecheap

Namecheap Premium DNS starts at just $4.88 for the first year ($0.41 per month) and $9.98 per year for renewal ($0.83 per month).

  • 100% SLA
  • DNSSEC
  • +30 Anycast PoP
  • 2 000 000 queries per month
  • DDoS protection
  • ALIAS records

​GoDaddy

GoDaddy has only one plan called “Premium DNS”, and it cost $2.99 per month. It includes:

  • Unlimited DNS zones
  • 1500 DNS records per domain
  • 5 000 000 queries per month
  • DNSSEC
  • Anycast DNS
  • 99.99% SLA
  • Secondary DNS
  • Web forwards

​Conclusion

There are a lot of options out there. You can find great Premium DNS Hosting providers and plans that don’t cost an arm and a leg. Check them out and find which one best suits you. 

DNS

DNS – a key piece of the Internet

DNS is one of the most important and essential pieces when it comes to the Internet. Without it, it will be very hard for humans to search, connect, and explore different websites. So, let’s explain a little bit more about it!

What is DNS?

Thanks to the Domain Name System (DNS), we are able to use the Internet as simple as it is in present days. However, it is an infrastructure with vast functionality. In its foundation is the database with all of the domain names and their corresponding IP addresses.

What is DNS management?

A long DNS process is triggered once a user types a domain name for connecting with it. So, the domain name has to be translated to a language that machines understand, which are the IP addresses. That is necessary because the machines communicate with one and another through numbers. Finally, when the IP address corresponding to the domain name is resolved, it can be delivered to the browser of the user. So, the user is able to reach and explore the website. In the time when DNS was not created yet, the user would have to type an IP address, for instance, 56.155.208.13. Instead, it is much easier to remember and type a domain name, for example, domain.com. Thus, DNS gave the opportunity for humans to use the Internet and successfully communicate with machines efficiently.

What is DNS used for?

  • It makes searching on the Internet flexible, easy, and simple.
  • The Domain resolution process is crucial.
  • Load balancing
  • DNS caching
  • Email servers and routing the messages
  • Additionally, for service’s routing
  • Verifying of services, servers, e-mails, and so on.

What is the structure of DNS?

The domain name space has a structure on several levels, and various DNS servers are positioned all around the world. On the top of the structure above all stands the root. The level below is for different top-level domains (TLDs). Under them are the secondary domains and subdomains.

Root level – This is the origin of the DNS. When the DNS resolution process is initiated, the search starts from this level. After that, it proceeds to one of the name servers for the domain’s TLD. It is represented with a dot “.” at the end of the domain name. However, everyday users don’t use it.

TLD level – The top-level domains are every extension you have probably seen, such as .com, .net, .co.uk, .info, and so on. Within the TLD name servers, you are going to receive the answer, for which name servers hold the information about the domain name you are seeking for.

Second level domain. This is the name of the website that you are searching for without the TLD extension. For instance, Google, from google.com.

Subdomain level – This is the subpart of the domain name. You can see it before the domain name. Moreover, it is divided by a dot (“.”). For instance, a blog subdomain is blog.google.com.

Why is it so important?

DNS is so essential because, without it, every action on the Internet is going to take a more prolonged time, and it is going to challenge us, humans, to memorize a bunch of information. The DNS assists communication on the Internet, plus it makes domain name queries seem so fast and straightforward. Thanks to the system, you can connect to nearly every website 24/7. 

Recommended article: The Ultimate Guide to DNS Propagation