DNS is the invisible layer that makes the internet work, yet most domain owners only interact with it when something breaks. After managing DNS infrastructure for thousands of domains on our platform, we have compiled this reference to save you from the trial-and-error approach that wastes hours of debugging time.
A Records β The Foundation An A record maps a domain name to an IPv4 address. It is the most basic DNS record type and the one your browser uses to find a web server. If you type example.com into a browser, the DNS resolver looks up the A record to find the IP address where that website lives. You can have multiple A records for the same domain to enable round-robin load balancing. ``` example.com. IN A 203.0.113.50 example.com. IN A 203.0.113.51 ```
AAAA Records β IPv6 Equivalent Identical in function to an A record, but points to an IPv6 address instead of IPv4. As IPv6 adoption grows, having both A and AAAA records ensures your domain is reachable regardless of the visitor's network configuration. ``` example.com. IN AAAA 2001:db8::1 ```
MX Records β The Email Backbone MX (Mail Exchange) records are critical for email delivery. They tell sending mail servers where to deliver email for your domain. The priority number matters β lower values mean higher priority. A typical configuration with a backup server looks like this: ``` example.com. IN MX 10 mail.example.com. example.com. IN MX 20 backup.example.com. ```
When you configure a domain in EvilMail, MX records are automatically created to route incoming mail to our servers. Misconfigured MX records are the number one cause of missing emails β always verify them after any DNS change.
CNAME Records β The Alias A CNAME (Canonical Name) record creates an alias from one domain name to another. It is commonly used to point subdomains to external services. For example, pointing your blog subdomain to a hosted platform: ``` blog.example.com. IN CNAME your-site.ghost.io. ```
Important: CNAME records cannot coexist with other record types at the same name. You cannot have a CNAME and an MX record for the same subdomain. This is a DNS specification rule, not a limitation of any particular provider.
TXT Records β Verification and Security TXT records hold arbitrary text data and serve multiple purposes in modern DNS. The most common uses are domain verification (proving you own a domain to Google, Microsoft, or other services), SPF records for email authentication, and DKIM signatures. An SPF record that authorizes EvilMail to send email on your behalf would look like: ``` example.com. IN TXT "v=spf1 include:evilmail.pro ~all" ```
NS Records β Delegation of Authority NS (Name Server) records define which DNS servers are authoritative for your domain. When you register a domain with EvilMail and point your nameservers to our infrastructure, you are updating the NS records at your registrar to delegate authority to our servers: ``` example.com. IN NS storm.nesil.dev. example.com. IN NS void.nesil.dev. example.com. IN NS kraken.nesil.dev. example.com. IN NS pandora.nesil.dev. ```
SRV Records β Service Location SRV records specify the location of specific services. They are used by protocols like SIP, XMPP, and LDAP. The format includes service name, protocol, priority, weight, port, and target: ``` _sip._tcp.example.com. IN SRV 10 60 5060 sipserver.example.com. ```
CAA Records β Certificate Authority Authorization CAA records specify which Certificate Authorities are permitted to issue SSL certificates for your domain. This is a security measure that prevents unauthorized certificate issuance: ``` example.com. IN CAA 0 issue "letsencrypt.org" ```
TTL β Time to Live Every DNS record has a TTL value measured in seconds. This tells DNS resolvers how long to cache the record before querying the authoritative server again. Lower TTL values (300 seconds) mean changes propagate faster but generate more DNS queries. Higher values (86400 seconds) reduce query load but delay propagation. Before making critical DNS changes, lower your TTL 24 hours in advance so the old cached values expire quickly.
Practical DNS Debugging When something is not working, check your records from multiple perspectives. Use dig for command-line verification: ``` dig +short MX example.com dig +short A example.com dig +short TXT example.com ```
If the records look correct but email still is not working, remember that DNS propagation is not instant. New records can take up to 48 hours to be visible worldwide, depending on TTL values and resolver caching behavior. Patience, in DNS management, is genuinely a technical requirement.