Definition of DNSSEC records and use

Similar to digital signatures for e-mail, DNSSEC authenticates that DNS records originate from an authorized sender (DNS server) using private/public-key cryptography. The main purpose of this is to protect DNS against falsified information (DNS spoofing). DNSSEC does NOT encrypt or hide anything - all data is still in "clear text". Its only purpose is the verification of data authenticity. Concepts DNSSEC signingWhen a zone is DNSSEC signed, a number of DNS records are added to the zone (indeed DNSSEC signing a zone can make it many times larger).First, a DNSKEY-record is added for each key used to sign the zone. DNSKEY-records hold the public keys that clients can use the verify signatures.Next, an NSEC-record or NSEC3-record is added for each unique record name in the zone (+ a single NSEC3PARAM-record if using NSEC3). Each NSEC/NSEC3 record lists all the record types that exist for the name that it represents, and points to the next record…

Read time: 5 mins Read more »

What’s SPF Record?

What’s an SPF record? An SPF record is a Sender Policy Framework record. It’s used to indicate to mail exchanges which hosts are authorized to send mail for a domain. It’s defined in RFC 4408 and clarified by RFC 7208. SPF record format SPF records are typically defined using the TXT record type. There’s also an SPF record type, but it’s deprecated, and you should always have at least the TXT record definition present, even if you use the SPF type. SPF records are defined as a single string of text. Here’s an example record: v=spf1 a mx ip4: ~all The SPF record always starts with the v= element. This indicates the SPF version that is used. Right now, the version should always be spf1 as this is the most common version of SPF that is understood by mail exchanges. One or more terms follow the version indicator. These define the rules for which hosts…

Read time: 4 mins Read more »

What’s a DKIM Record

DKIM Records DKIM stands for DomainKeys Identified Email. It provides a way to validate that an organization delivering an email has the right to do so. Amber IT also automatically generates and adds DKIM to your hosted DNS entries on our server. This is used so that e-mail providers accept your letters and with also our added SPF records don't mark them as SPAM. Setting up DKIM DKIM requires the addition of public keys into your DNS zone. The key is often provided to you by the organization that is sending your email, for example, SendGrid, Postmark, or Google Apps. The key will either be inserted directly into your zone as a TXT record, or it will be a CNAME pointing to the key in your provider’s DNS. If you’re given a string representing the DKIM, it usually looks something like this: k=rsa; t=s; p=MIGfMA0Gegeth4sAQUAA4GNADCBiQKBgQDGMjj8MVaESl3sfsOVh15u9YK2AmTLgk1ecr4BCRq3Vkg3Xa2Qrwfwfj9FNqBYOr3XIczzU8gkK5Kh42P4C3DgNi5ITN/EvVAn/ImjoGq5IrcO+hAj2iSAozYTEpJsvF33G41245tgfdskj5JI6ibyJwIDAQAB Insert this into a TXT record. Do this by following the…

Read time: 3 mins Read more »

How to Add a Custom DNS Record

Sometimes you need to add a specific DNS Record in most common cases, the clients are using the Custom DNS for a test website, for a specific app, or even sometimes clients use specific servers to store images or media files. If the client has several servers, in some cases they use subdomains to identify servers. If you purchase a domain and want to use our NS servers, then this "How to" also will be useful. DNS records serve to facilitate domain name translation and help visitors reach your website online. When a domain is created, all the necessary DNS records are added automatically. However, Amber IT also enables you to add custom DNS records, as explained below. To add a custom DNS record to the domain’s DNS zone, go to Websites & Domains > DNS Settings > Add Record. Once you click Add Record. then you can choose the record type. A, AAAA, NS,…

Read time: 10 mins Read more »

Why you or your company need a Domain Name

On the global Internet, your or your company domain name is your unique identity. Any individual, blog, business, or organization planning to have an Internet presence should invest in a domain name. Having your own personal domain name, website and email addresses will give you and your business a more professional look. Another reason for a blog or business to register a domain name is to protect copyrights and trademarks, build creditability, increase brand awareness, and search engine positioning. With Amber IT hosting plans, as a domain name is one of the most crucial tools to build your or your company reputation, we include a free domain name registration in our annual ordered hosting plans. So for example, if you or your company don't have a domain name yet we offer a free domain name registration on annual hosting orders and payments. If for example you already have a domain name and you would like…

Read time: 2 mins Read more »

Warning: file_get_contents([YOUR SITE URL]): failed to open stream: Connection refused in /var/www/vhosts/ on line 821