DNS
dig and nslookup can be used to query a domain's DNS configuration.
DNS servers hold a database of resource records. There are 30+ record types, covering IP addresses, certs, host alias names, etc.
A records
A records are "address records"; the IPv6 counterpart is the quad-A (AAAA) record.
These records map a host name to an IPv4 address (A) or an IPv6 address (quad-A).
TTL is time to live: how long a record will be cached by a server.
MX record
Mail exchange records determine the host name of the mail server for a domain.
Note that an MX record points to a name, not an IP address, so the DNS config file needs an A record for that name in addition to the MX record:
@ IN MX 10 mail.mydomain.name. ; @ = this zone; 10 = preference (required field, lower is tried first)
mail.mydomain.name. IN A 123.12.41.41 ; Mail server
TXT records
TXT records are public, human-readable information. They are now also used for verification and email security services.
We can check TXT records with dig or nslookup:
# Unix
dig domain.com txt
# Windows
nslookup -type=txt domain.com
SPF
Verify sender
A common TXT record is the SPF (Sender Policy Framework) record, used to establish the validity of an email being sent from a specific domain.
DKIM
Digitally sign emails
DomainKeys Identified Mail goes a step further than SPF by using public key authentication. The public key is stored in the DKIM TXT record, while the private key is stored on the mail server.
DMARC
Domain-based Message Authentication, Reporting, and Conformance.
An extension of SPF / DKIM used to prevent email spoofing. It can be configured to specify what to do with emails that are not validated.
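Added example (not part of the original notes): a small audit of the TXT records a dig or nslookup query returns, picking out the SPF, DKIM and DMARC records and flagging settings that leave spoofed mail unhandled. The domain example.test, the selector sel1 and all record values are constructed sample data; checking only the last SPF term is a simplification.

```python
# Constructed sample: (owner name, TXT value) pairs, as returned by dig/nslookup.
SAMPLE_TXT = [
    ("example.test", "v=spf1 ip4:192.0.2.10 include:_spf.example.test ~all"),
    ("example.test", "site-verification=constructed-token"),
    ("sel1._domainkey.example.test", "v=DKIM1; k=rsa; p=CONSTRUCTEDPUBLICKEY"),
    ("_dmarc.example.test", "v=DMARC1; p=none; rua=mailto:dmarc@example.test"),
]

def parse_tags(value):
    """Split a 'tag=value; tag=value' record (DKIM, DMARC) into a dict."""
    tags = {}
    for part in value.split(";"):
        key, sep, val = part.partition("=")
        if sep:
            tags[key.strip().lower()] = val.strip()
    return tags

def classify(value):
    """Return (kind, findings) for one TXT value; an empty list means no issue."""
    low = value.lower()
    if low.startswith("v=spf1"):
        # 'all' matches every sender; its qualifier decides unlisted senders.
        last = low.split()[-1]
        if last in ("+all", "all"):
            return "spf", ["SPF allows every sender (+all)"]
        if last != "-all":
            return "spf", [f"SPF does not hard-fail unlisted senders (ends with '{last}')"]
        return "spf", []
    if low.startswith("v=dkim1"):
        # p= carries the public key; an empty value means the key was revoked.
        ok = bool(parse_tags(value).get("p"))
        return "dkim", [] if ok else ["DKIM public key is empty (key revoked)"]
    if low.startswith("v=dmarc1"):
        policy = parse_tags(value).get("p", "missing").lower()
        if policy in ("quarantine", "reject"):
            return "dmarc", []
        return "dmarc", [f"DMARC policy '{policy}' takes no action on failing mail"]
    return "other", []

def audit(records):
    """Map spf/dkim/dmarc to their findings, noting records that are absent."""
    report = {}
    for _owner, value in records:
        kind, findings = classify(value)
        if kind != "other":
            report.setdefault(kind, []).extend(findings)
    for kind in ("spf", "dkim", "dmarc"):
        report.setdefault(kind, ["no record found"])
    return report
```

Calling audit(SAMPLE_TXT) returns a dict keyed by spf, dkim and dmarc; SPF is normally published at the domain itself, DKIM at a selector under _domainkey, and DMARC at _dmarc.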