Thursday, 17 September 2015

Understanding SPF DNS Records

SPF or “Sender Policy Framework” is a technique that aims to prevent email sender spoofing, and ultimately cut spam, it means that senders without a properly configured SPF record may be considered spam.
But if your business sends out email, and you want to make sure it isn’t marked as spam at your destination, then you might need to look at your SPF records.
The first step is to look at the headers of a received email, by a client that handles SPF, i.e. Gmail, and if you see something like spf=softfail ( domain of transitioning does not designate as permitted sender) , this means SPF is not configured correctly.
So, lets say, you know the sender is going to have IP address – i.e. your outbound SMTP server. and your sender email is – you need to then add a DNS TXT record to the domain with the text
v=spf1 ip4: ~all
For the host “@” (non-www)
Then try sending the email again, and view the headers on the message, and it should say
Received-SPF: pass ( domain of designates as permitted sender) client-ip=;
This will come into play big time if you use Direct to MX software, or Amazon SES

Thursday, 22 November 2012

Is Google DNS a Myth?

Google public DNS resolving services on IP addresses and was sold as being a faster solution for users, since caching could occur on a massive scale, but is it just a statistics gathering exercise for Google?

Using NameBench (, and running the test, it looks as if Google DNS is actually slower than local services, and popular global ones:

Mean Response Duration

Mean Duration Graph

Fastest Individual Response Duration

Fastest Response Graph

Response Distribution Chart (First 200ms)

Response Distribution Graph (first 200ms)

Response Distribution Chart (Full)

Response Distribution Graph (full)

DNS Speed testing.

DNS Speed testing.

I've often used ZoneCheck to test if DNS is set up correctly, but it doesn't give an indication of performance,
for that, I'd recommend - Check for "A" record response, where you should aim to get a response time of 50ms or less.

Here is a speed check of this blog, which is hosted by Google.

Min. Time(ms)32333233
Max. Time(ms)3830383131313139
Avg. Time(ms)1715171516151617 ms ms ms ms ms ms ms ms ms ms ms
Min. Time: 2 ms  Max. Time: 101 ms  Avg. Time: 57 ms

TLD Servers ms ms ms ms ms ms ms ms ms ms ms
Min. Time: 2 ms  Max. Time: 101 ms  Avg. Time: 58 ms

Root Servers (H3)5 ms ( ms ()231 ms ( ms ( ms ( ms (M-CDG-1)85 ms (s1.bnx)92 ms ( ms ( ms (b8)65 ms (jluepe1-elstk2)139 ms ( ms
Min. Time: 2 ms  Max. Time: 231 ms  Avg. Time: 84 ms

Monday, 28 May 2012

.VE Domains down

As of 3 PM GMT, all Venezuelan domains (.ve) appear to have gone down. It does appear that the sole nameserver responsible for is unresponsive:

nslookup -q=ns
Server:  my.router

        primary name server =
        responsible mail addr =
        serial  = 2012052809
        refresh = 900 (15 mins)
        retry   = 300 (5 mins)
        expire  = 1296000 (15 days)
        default TTL = 3600 (1 hour)

Ping request could not find host

Saturday, 28 April 2012

Manage DNS from your iPhone or iPad

Manage DNS from your iPhone, All the features of in one app:

Wednesday, 25 April 2012

Manage DNS from your Nokia phone

If you have a Nokia phone, then we've just developed a new App for the Nokia OVI store that allows you manage the DNS settings for your domain.

Here is the Nokia OVI store Link:

Friday, 8 April 2011

Reverse DNS lookup using nslookup

It's easy to get the IP address from a domain name, just ping it.


Pinging [] with 32 bytes of data

Or use nsLookup to get the A record, which does the same

C:\Users\Administrator>nslookup -q=a
Server: my.router

Non-authoritative answer:

To reverse the lookup, then you use the special "" domain with the IP address backwards... like this

C:\Users\Administrator>nslookup -q=ptr
Server: my.router

Non-authoritative answer: name = nameserver = nameserver = internet address = internet address =

This really comes into play when fixing this error in ZoneCheck:

w: Reverse for the nameserver IP address doesn't match
To Fix this, click Start>Run>dnsmgmt.msc

Select Reverse Lookup zones, select the

Right Click, Select "New Pointer (PTR)", enter the first 3 digits of the IP into the "Host IP Address" and enter the nameserver domain into "Host name", then press OK