Sections

  • Home
  • Archive
  • LLM Prompts
  • Posts

BTC

Bitcoin QR Code

Recently Modified

  • SMTP Test With PowerShell on 2025-07-02
  • Videos as Teams Backgrounds on 2025-07-02
  • UDM Parameters for Google Search on 2025-06-18
  • Troubleshoot Crashing Apps with ProcDump & WinDbg on 2025-05-01
  • Stub Title on 2025-03-07
  • Automated IIS Application Pool Restart with PowerShell on 2024-10-16
  • Managing Microsoft Office Versions with OfficeC2RClient on 2024-09-10
  • Automated Batch Image Compression with Python on 2024-07-30
  • How to Find Your Public IP Address on 2024-06-24
  • Complete DNS Records Reference Guide on 2024-06-06

Complete DNS Records Reference Guide

Published: June 6, 2024 | Last Modified: May 13, 2025

Tags: dns networking email domain-management system-administration dmarc spf dkim mx

Categories: Networking DNS



  • DMARC
    • v (version)
    • p (Policy)
    • sp (Subdomain Policy)
    • pct (Percentage)
    • rua (Aggregate Reports)
    • ruf (Forensic Reports)
    • fo (Forensic Options)
    • rf (Report Format)
    • ri (Report Interval)
    • adkim (DKIM Alignment)
    • aspf (SPF Alignment)
  • MX
    • Priority
    • Mail Server
    • TTL (Time to Live)
    • Example MX Record
    • Multiple MX Records
    • Setting Up MX Records
    • Verifying MX Records
    • Common Issues
  • SPF
    • v (version)
    • ip4 (IPv4 Address)
    • ip6 (IPv6 Address)
    • include
    • all

DMARC

DMARC (Domain-based Message Authentication, Reporting, and Conformance) is an email authentication protocol that builds on SPF and DKIM (DomainKeys Identified Mail). It allows domain owners to publish policies on how email from their domain should be handled if it fails authentication checks. DMARC provides a way to monitor and improve the security of email sent from your domain, reducing the risk of phishing and email spoofing.

v (version)

 Specifies the DMARC version. It is mandatory and must be included.

v=DMARC1;

There are no other versions of DMARC currently in use or specified.

p (Policy)

Specifies the action to be taken on emails that fail authentication checks.

none

No action is taken; only monitoring is performed.

p=none;

quarantine

Messages that fail DMARC checks are treated with suspicion.

p=quarantine;

reject

Messages that fail DMARC checks are rejected outright.

p=reject;

sp (Subdomain Policy)

Specifies the policy to be applied to emails from subdomains.

none

No action is taken for subdomains; only monitoring.

sp=none;

quarantine

Subdomain messages that fail DMARC checks are treated with suspicion.

sp=quarantine;

reject

Subdomain messages that fail DMARC checks are rejected outright.

sp=reject;

pct (Percentage)

Percentage of messages to which the policy is applied. Can be any number from 1 to 100.

pct=50;

rua (Aggregate Reports)

Email address(es) to send aggregate reports to. Multiple addresses can be separated by commas.

rua=mailto:aggregate@example.com,mailto:another@example.com;

ruf (Forensic Reports)

Email address(es) to send forensic (failure) reports to. Multiple addresses can be separated by commas.

ruf=mailto:forensic@example.com,mailto:anotherforensic@example.com;

fo (Forensic Options)

0

Generate reports if all checks fail (default).

fo=0;

1

Generate reports if any single check fails.

fo=1;

d

Generate reports if DKIM fails.

fo=d;

s

Generate reports if SPF fails.

fo=s;

rf (Report Format)

afrf

Authentication Failure Reporting Format (default).

rf=afrf;

rf=iodef

Incident Object Description Exchange Format.

rf=iodef;

ri (Report Interval)

Interval in seconds between aggregate reports (default is 86400 seconds or 24 hours).

ri=86400;

adkim (DKIM Alignment)

Specifies the alignment mode for DKIM authentication.

r

Relaxed mode (default).

adkim=r;

s

Strict mode.

adkim=s;

aspf (SPF Alignment)

r

Relaxed mode (default).

aspf=r;

s

Strict mode.

aspf=s;

MX

MX (Mail Exchange) records are DNS records that specify the mail servers responsible for receiving email on behalf of your domain. These records direct email to the correct mail server and are essential for the functioning of email services. Properly configured MX records ensure that emails are reliably delivered to your domain.

Priority

Specifies the priority of the mail server. Lower values have higher priority.

10;

Higher priority MX records are tried first.

Mail Server

Specifies the fully qualified domain name (FQDN) of the mail server.

mail.example.com;

The FQDN must be an A or AAAA record.

TTL (Time to Live)

Specifies the time in seconds that the record may be cached by resolvers.

3600;

The default value is typically 3600 seconds (1 hour).

Example MX Record

An MX record consists of a priority and a mail server.

10 mail.example.com;

In this example, mail.example.com is the mail server with a priority of 10.

Multiple MX Records

Multiple MX records can be specified to provide redundancy.

Example

10 mail1.example.com;
20 mail2.example.com;

mail1.example.com has a higher priority and will be tried first. If it fails, mail2.example.com will be used.

Setting Up MX Records

  1. Access your DNS provider’s management console.
  2. Navigate to the DNS settings for your domain.
  3. Add a new MX record with the appropriate priority and mail server.
  4. Save the changes and wait for DNS propagation.

Verifying MX Records

You can verify MX records using tools like nslookup or online DNS checkers.

Using nslookup

nslookup -query=mx example.com

This will display the MX records for example.com.

Common Issues

  • Incorrect priority values: Ensure that priority values are integers and the lower values have higher priority.
  • Invalid mail server FQDN: Verify that the FQDN is correct and points to an A or AAAA record.
  • TTL settings: Ensure the TTL value is appropriate for your needs and not set too low.

By correctly configuring your MX records, you can ensure reliable email delivery for your domain.

SPF

SPF (Sender Policy Framework) is an email authentication method designed to detect forging sender addresses during the delivery of emails. By specifying which mail servers are permitted to send emails on behalf of your domain, SPF helps reduce spam and phishing by making it harder for attackers to send emails with forged ‘From’ addresses.

v (version)

Specifies the SPF version. It is mandatory and must be included.

v=spf1;

There are no other versions of SPF currently in use or specified.

ip4 (IPv4 Address)

Specifies an IPv4 address that is authorized to send emails on behalf of the domain.

ip4:192.168.0.1;

ip6 (IPv6 Address)

Specifies an IPv6 address that is authorized to send emails on behalf of the domain.

ip6:2001:0db8:85a3:0000:0000:8a2e:0370:7334;

include

Includes the SPF records of another domain.

include:example.com;

all

Specifies the default policy for any other IP addresses not matched by earlier mechanisms.

~all (SoftFail)

Emails that do not match are marked, but still accepted.

~all;

-all (Fail)

Emails that do not match are rejected.

-all;

?all (Neutral)

No specific action is taken for emails that do not match.

?all;

Categories

  • Active Directory (4)
  • AI (3)
  • Azure AD (1)
  • C# (2)
  • C++ (1)
  • Computer Vision (1)
  • DNS (1)
  • Exchange (2)
  • Google (1)
  • Image Processing (2)
  • Java (32)
  • JavaScript (17)
  • Machine Learning (3)
  • MASM (3)
  • Media Processing (1)
  • Microsoft 365 (2)
  • Microsoft Office (1)
  • Microsoft Teams (1)
  • Networking (4)
  • Nodejs (1)
  • Office 365 (1)
  • P5.js (9)
  • PowerShell (25)
  • Processing (14)
  • Programming (1)
  • Python (19)
  • Reference (1)
  • Security (8)
  • Shell (16)
  • Stub (1)
  • System Administration (4)
  • Teams (1)
  • Visualization (1)
  • Web Administration (1)
  • Web Development (2)
  • Windows (9)

Tags

  • 10PRINT (1)
  • 3d-Modeling (1)
  • 3n+1 (1)
  • Account Management (1)
  • Acl (1)
  • Active-Directory (10)
  • Ad Sync (1)
  • Ai (9)
  • Android (1)
  • Animation (10)
  • Api (2)
  • Arrays (1)
  • Assembly (3)
  • Audio (3)
  • Audio Conversion (1)
  • Automation (13)
  • Azure (4)
  • Azure Ad Connect (1)
  • Base64 (1)
  • Bat (2)
  • Batch-Processing (1)
  • Bipartite Graph (1)
  • Bitset (1)
  • Buddhabrot (1)
  • Calendars (1)
  • Channel Management (1)
  • Client-Side (1)
  • Cmd (1)
  • Coding Challenge (15)
  • Collaboration (1)
  • Collatz Conjecture (1)
  • Command-Line (6)
  • Compliance (1)
  • Computer-Vision (3)
  • Coqui-Tts (1)
  • Counting Sort (1)
  • Creative-Coding (1)
  • Cuda (2)
  • Curl (1)
  • Cybersecurity (1)
  • Dag (1)
  • Data-Visualization (5)
  • Debugging (1)
  • Decoding (1)
  • Depth Estimation (1)
  • Device Management (1)
  • Directed Acyclic Graph (1)
  • Directory-Services (1)
  • Disjoint Set (1)
  • Distance (1)
  • Dkim (1)
  • Dmarc (1)
  • Dns (2)
  • Domain (1)
  • Domain Controller (1)
  • Domain Security (1)
  • Domain-Management (1)
  • Download (2)
  • Drivers (1)
  • Drives (1)
  • Education (1)
  • Email (1)
  • Email Management (1)
  • Email Security (2)
  • Email-Archiving (1)
  • Events (1)
  • Exchange (1)
  • Exchange-Management (1)
  • Exchange-Online (2)
  • ExchangeOnlineManagement (3)
  • Ffmpeg (4)
  • Fibonacci (1)
  • File-Permissions (1)
  • File-System (1)
  • Film (1)
  • Filtering (1)
  • Finance (1)
  • Firewall (1)
  • Flask (1)
  • Fractal (3)
  • Frame Interpolation (1)
  • Gal (1)
  • Gmail (1)
  • Google Forms (1)
  • Google-Apps-Script (1)
  • Google-Drive (1)
  • Gpu (1)
  • Graphs (1)
  • Group (1)
  • Group Management (1)
  • Group-Policy (1)
  • Gsuite (1)
  • Hacked Accounts (1)
  • Hardware (1)
  • Hex Encoding (1)
  • Iis (1)
  • Image-Processing (4)
  • Images (3)
  • Incident Response (1)
  • Insertion Sort (1)
  • Installation (1)
  • Interactive (9)
  • Ip-Address (1)
  • Ip-Addressing (1)
  • Java (1)
  • Javascript (5)
  • Juno (1)
  • Jupiter (1)
  • K-Means (1)
  • Kattis (6)
  • Keyboard (1)
  • Knowledge-Graphs (1)
  • Kruskal's Algorithm (1)
  • Lan (1)
  • Llm (2)
  • Local Administrator (1)
  • Local-Ai (2)
  • Logging (1)
  • Lorenz System (1)
  • M365 (3)
  • Machine-Learning (6)
  • Maximum Flow (1)
  • Media Processing (1)
  • Merge Sort (1)
  • Microsoft Teams (1)
  • Microsoft-Office (1)
  • Midas (1)
  • Minimum Spanning Tree (2)
  • Mistral-7b (1)
  • Monitoring (1)
  • Moondream (2)
  • Multilingual (1)
  • Mx (1)
  • N-Central (1)
  • Natural Language Processing (1)
  • Net (2)
  • Netsh (2)
  • Network (1)
  • Network Drives (1)
  • Network-Analysis (1)
  • Network-Security (2)
  • Networking (5)
  • Networkx (1)
  • Nlp (1)
  • Nslookup (1)
  • Obfuscation (1)
  • Office-365 (2)
  • Office365 (1)
  • Officec2rclient (1)
  • Open Simplex Noise (3)
  • Openai (1)
  • Optimization (1)
  • P5.js (2)
  • P5js (1)
  • Password Management (2)
  • Password-Generator (1)
  • Passwords (2)
  • Perlin Noise (1)
  • Permissions (2)
  • Phishing (1)
  • Photo-Editing (1)
  • Pil (1)
  • Pillow (1)
  • Port-Management (1)
  • Powershell (22)
  • Prim's Algorithm (1)
  • Prime Numbers (3)
  • Printers (1)
  • Procdump (1)
  • Processing (2)
  • Programming (2)
  • Python (15)
  • Python-Script (1)
  • Pyvis (2)
  • Qr-Code (1)
  • Rdp (1)
  • Reference (1)
  • Registry Modification (1)
  • Remote-Access (1)
  • Reporting (1)
  • Reports (3)
  • Robocopy (1)
  • Screen Recording (1)
  • Scripting (1)
  • SDK (1)
  • Security (9)
  • Security Analysis (1)
  • Security Management (1)
  • Settings (1)
  • Shell (4)
  • SID (1)
  • SMTP (2)
  • Sorting (3)
  • Sound (1)
  • Space (1)
  • Speech Recognition (1)
  • Spf (1)
  • Spiral (1)
  • Stable-Diffusion (2)
  • Stocks (1)
  • String (1)
  • Stub (1)
  • Subnets (1)
  • Synchronization (1)
  • Sysinternals (1)
  • System-Administration (13)
  • Systeminfo (1)
  • Team Management (1)
  • Team Ownership (1)
  • Tensorflow (1)
  • Therafit (1)
  • Time (1)
  • Topological Sort (1)
  • Troubleshooting (4)
  • Tzutil (1)
  • UDM (1)
  • Uri (1)
  • Uri Encoding (1)
  • User-Management (4)
  • Uva (9)
  • VBScript (1)
  • Version-Management (1)
  • Video (5)
  • Video Conversion (1)
  • Visualization (3)
  • Web-Administration (1)
  • Web-Development (1)
  • Wifi (1)
  • Win32_OperatingSystem (1)
  • Windbg (1)
  • Windows (17)
  • Windows 10 (1)
  • Windows 11 (1)
  • Windows-Defender (1)
  • Windows-Server (1)
  • Windows-Update (1)
  • Wmic (1)
  • Youtube-Dl (1)
  • Yt-Dlp (2)

© 2025 Ghostfeed theme by Tristan Madden. All rights reserved.