Code Done Right!

DNS configuration

Configuring DNS (Domain Name Server) is crucial for a working website and email. For our server to be visible to the outside world as an address like example.com, and not as a string of numbers like 123.132.123.132, we need a domain registered to us. A domain is basically a name we control that points to a specific place, for example codedoneright.eu

As every provider has a different panel for DNS records it is pointless to provide pictures. It will be different for everybody. Read on and you will easily catch on.

Getting a free domain

Getting one is not really hard. If you want a free one, check out the requirements page on how to grab a free domain for a few months. If you want to commit to an address for longer you will have to buy a domain for yourself. namecheap.com has some good deals under $2 for a year to get you started.

Basics

There are four major things to configure in your domain

  • DNS A type record
  • MX mail record
  • SPF record
  • PTR record – done by your ISP
  • Optional – subdomain records

Without proper DNS configuration you will not be able to serve a website properly (with a certificate) and most definitely you will not be able to send or receive any mail.

DNS A

This is your main record. It will point directly to your router.

Configuring DNS A

Use the following configuration and put it in the control panel of your domain

  • Subdomain – @
  • Address – put your external IP address
  • Record type – choose A
  • Priority – ignore
  • TTL – if present set it up for something high, like 10000 (shown in seconds)

Subdomain @ – this means no subdomain, we want to configure example.com first

Address – you can check your external address here. This will be four triple digit numbers separated with full stops, e.g. 123.456.789.123. This address points to your router. We will configure the router later, to let it know that some connections are supposed to go to your Raspberry

Record type A – This is the main address of the domain you registered. Typing example.com in your browser will resolve this specific address

Priority – used for MX record, ignore here

TTL – time to live for the resolved name. If your IP does not change, you can set it to a really high number, and DNS resolvers will not have to look up the address and check the IP over and over

Now put a second, almost identical, DNS A record with the following configuration

  • Subdomain – www
  • Address – same as above
  • Record type – same as above
  • Priority – same as above
  • TTL – same as above

This will act in the same way as the above record, but will be used if someone types www.example.com instead of example.com

MX DNS record

This one is needed in order for our email to work. Think of it as your physical address: a postman will not be able to deliver mail which says John on the envelope, but if you add John Doe, This Street 1, London, he will know where to deliver the mail. This is what the MX record does.

Put the following configuration

  • Subdomain – @
  • Address – example.com.
  • Record type – choose MX
  • Priority – 10
  • TTL – same as above

Subdomain – we want email to be delivered to example.com, without any subdomains

Address – this time we are putting the address that your mail is supposed to be delivered to. Everything after the @ sign in john@example.com should be placed in this field, however, do MIND THE DOT at the end! It is required in order for the DNS to resolve your address properly!

Record type MX – this simply tells the DNS server that we are configuring a mail record

Priority – this sets the priority of email servers. If you have just one, you can put any value you want – 10, 20, 69. It is only used if you have a different mail server on the same domain, this can be useful for setting up a backup email in case your main server goes down due to power or internet outage. For now we will configure only our main server

TTL – exactly as your main A record
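Why the trailing dot matters, as an added example that is not part of the original article: in zone-file syntax a name without a final dot is relative and gets the domain appended, so the MX target ends up pointing at a host that does not exist. The record tuples and the 203.0.113.10 address are constructed sample data, and the code assumes your provider's panel follows zone-file rules (some panels add the dot for you).

```python
# Added example: zone-file name expansion and an MX sanity check,
# run over constructed records for the article's example.com.
ORIGIN = "example.com."


def fqdn(name, origin=ORIGIN):
    """Expand a name the way a zone file does (RFC 1035, section 5.1)."""
    if name == "@":
        return origin                # "@" stands for the domain itself
    if name.endswith("."):
        return name                  # absolute name: used as written
    return f"{name}.{origin}"        # relative name: origin is appended


def check_mx(records, origin=ORIGIN):
    """Return a list of problems found in the MX records.

    records: (subdomain, type, value) tuples as typed into the panel;
    an MX value is "priority target".
    """
    hosts_with_a = {fqdn(sub, origin).lower()
                    for sub, rtype, _ in records if rtype == "A"}
    problems, mx_seen = [], False
    for sub, rtype, value in records:
        if rtype != "MX":
            continue
        mx_seen = True
        _priority, target = value.split()
        full = fqdn(target, origin).lower()
        if full not in hosts_with_a:
            problems.append(f"MX for {fqdn(sub, origin)} points to {full}, "
                            "which has no A record")
    if not mx_seen:
        problems.append("no MX record")
    return problems


# Constructed sample input: identical except for the dot after the MX target.
GOOD = [("@", "A", "203.0.113.10"), ("www", "A", "203.0.113.10"),
        ("@", "MX", "10 example.com.")]
BAD = [("@", "A", "203.0.113.10"), ("www", "A", "203.0.113.10"),
       ("@", "MX", "10 example.com")]

if __name__ == "__main__":
    print(check_mx(GOOD))
    print(check_mx(BAD))
```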

Example of my configuration

[Screenshot: MX record]

SPF DNS record

Sender Policy Framework is a record for authenticating the sender. Sent email is authenticated against this record to tell the recipient server that you are allowed to send emails from this domain. This record is required, otherwise your email might just not get delivered at all and will die knocking on the recipient address.

Put the following configuration

  • Subdomain – @
  • Address – v=spf1 mx a ~all
  • Record type – choose TXT
  • Priority – ignore
  • TTL – ignore

CAUTION: you might see an SPF record type in your DNS configuration. It is an outdated type of record and you should not use it. Use the TXT record type instead.

The above configuration will tell recipients that yes, your domain is configured for sending email and you are not a Nigerian Prince sending spam from kingdom@nigeria.com
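How a receiving server reads v=spf1 mx a ~all, as an added example that is not part of the original article: it compares the connecting IP with the addresses behind the domain's MX and A records, and ~all turns everything else into a softfail. The zone table and its addresses are constructed sample data, and only the a, mx and all mechanisms from the record above are handled.

```python
import ipaddress

# Constructed sample zone for the article's example.com (documentation IPs).
ZONE = {
    ("example.com.", "A"): ["203.0.113.10"],
    ("example.com.", "MX"): ["example.com."],
    ("example.com.", "TXT"): ["v=spf1 mx a ~all"],
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(sender_ip, domain, zone=ZONE):
    """Evaluate an SPF policy for sender_ip (a, mx and all mechanisms only)."""
    ip = ipaddress.ip_address(sender_ip)
    policies = [txt for txt in zone.get((domain, "TXT"), [])
                if txt.split()[:1] == ["v=spf1"]]
    if not policies:
        return "none"            # the domain publishes no SPF policy
    if len(policies) > 1:
        return "permerror"       # more than one SPF record is an error
    for term in policies[0].split()[1:]:
        qualifier = "+"          # a mechanism without a prefix means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term == "a":
            addrs = zone.get((domain, "A"), [])
        elif term == "mx":
            addrs = [a for host in zone.get((domain, "MX"), [])
                     for a in zone.get((host, "A"), [])]
        else:
            raise ValueError(f"mechanism {term!r} is outside this example")
        if any(ip == ipaddress.ip_address(a) for a in addrs):
            return QUALIFIERS[qualifier]
    return "neutral"             # nothing matched and the policy has no "all"


if __name__ == "__main__":
    print(check_spf("203.0.113.10", "example.com."))   # your own server
    print(check_spf("198.51.100.7", "example.com."))   # some other host
```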

Example of my configuration

[Screenshot: SPF record]

PTR DNS record

This one cannot be changed by you.

PTR is basically the reverse of an A type record. You can configure your example.com domain to point to 123.456.789.123, but if you want 123.456.789.123 to point to example.com you are at the mercy of your ISP. Check with your internet provider if they can change that for you.

If not, then your mail will be delivered, but will most likely go straight to the recipient’s SPAM folder. Some spam filters will also classify a domain without a PTR record as spam and will block your emails outright, sorry. Getting a PTR record with your ISP pretty much guarantees that you will not be flagged as a spammer by automated filters.

Unfortunately I do not have a PTR record myself, which means mail sent from my server is delivered to SPAM pretty much most of the time. I need to change my ISP…
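A common form of the PTR check is forward-confirmed reverse DNS: look up the PTR name for the connecting IP, then confirm that name resolves back to the same IP. The following is an added example, not part of the original article; the record table, the addresses and the host-20.isp.example name are constructed sample data standing in for live DNS lookups.

```python
import ipaddress

# Constructed sample data (documentation IPs); a live check would query DNS.
RECORDS = {
    # PTR set by the ISP to match the mail domain
    ("10.113.0.203.in-addr.arpa.", "PTR"): ["example.com."],
    ("example.com.", "A"): ["203.0.113.10"],
    # generic ISP-assigned PTR with no matching forward record
    ("20.113.0.203.in-addr.arpa.", "PTR"): ["host-20.isp.example."],
}


def reverse_name(ip):
    """203.0.113.10 -> 10.113.0.203.in-addr.arpa. (IPv6 maps to ip6.arpa.)"""
    return ipaddress.ip_address(ip).reverse_pointer + "."


def fcrdns(ip, records=RECORDS):
    """Return (verdict, name); verdict is no-ptr, mismatch or confirmed."""
    addr = ipaddress.ip_address(ip)
    forward_type = "A" if addr.version == 4 else "AAAA"
    names = records.get((reverse_name(ip), "PTR"), [])
    if not names:
        return ("no-ptr", None)          # the IP has no reverse record at all
    for name in names:
        forward = records.get((name, forward_type), [])
        if any(ipaddress.ip_address(a) == addr for a in forward):
            return ("confirmed", name)   # PTR name resolves back to this IP
    return ("mismatch", names[0])        # PTR exists but does not round-trip


if __name__ == "__main__":
    for sample in ("203.0.113.10", "203.0.113.20", "198.51.100.7"):
        print(sample, fcrdns(sample))
```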

Subdomains

If you want your webmail to be accessible from your browser by typing mail.example.com or you want to set up a forum at forum.example.com you need to configure your DNS to tell it that there is a website to be served at this address.

Simply add the following record, that is almost exactly like your A type record

  • Subdomain – mail
  • Address – put your external IP address
  • Record type – choose A
  • Priority – ignore
  • TTL – same as above

Another one for when someone uses the www prefix

  • Subdomain – www.mail
  • Address – put your external IP address
  • Record type – choose A
  • Priority – ignore
  • TTL – same as above

This way you can add as many subdomains as your DNS registrar allows you. Most likely more than you will ever need.

Subdomain vs an alias

Each service requires a specific address for access. It can be either a subdomain like mail.example.com, but it can also be an alias like example.com/mail

What is the difference? An alias can use the main domain’s certificate. Subdomains need to be specified in the certificate, which is a pain if you want to add a new service to an existing setup, unless you get a wildcard certificate, which costs a LOT of money annually. Read more about certificates here

Using an alias is just more convenient. Learn more about them here

Conclusion

Setting up DNS records is not hard but it is necessary if you want to have a decent server, and an absolute must if you want email capability and secure connection with the website. Unprotected websites are flagged by most browsers as dangerous so a rule of thumb is – get yourself a domain.

CAUTION: DNS servers take time to update. If you have configured everything but it looks like something is not working, give it a day. Subdomains should be good to go right after configuring, but just in case – be patient.
