So you want to start a company? (part 4)
- steve
- Best practices , Technical
- February 25, 2012
You’re setting up a company (or a new division or maybe even a new brand) and you’d like to use email to communicate with your customers. In this series of posts I’m going to touch on some of the things you can do today to make email life easier for you in the future. Today’s final post is on DNS hosting and setup.
5. DNS hosting
DNS is what lets you actually use the domain you’ve registered. It lets people find your website, find your mailserver and everything else you do online. Because of that, it’s a critical service, as if your DNS is down, all your online presence down.
It’s not too difficult to run DNS yourself on your own server – we run part of our DNS infrastructure on a virtual server we rent from chunkhost for a few dollars a month – but it works just as well to use a third-party service for it. There are dedicated DNS providers, such as zoneedit, ultradns, dyndns and many others, but it’s also a service that many of your existing service providers probably offer too. Your web host, your ISP and your domain registrar probably offer DNS hosting bundled for free with your other services – and that’s good enough if you’re just starting out.
There are some things the DNS provider you choose must be able to offer:
- They must be prepared to host your domain. That sounds obvious, but some providers will only serve DNS for domains registered through them, or for websites they host.
- They must provide a way for you to see and edit your DNS yourself, typically via a web interface – some providers will happily host your DNS, but only let their staff modify it. If you’re trying to diagnose a problem in an emergency trying to do that via opening support tickets is going to be painful.
- They must offer MX records, with the ability to point to hosts outside the domain (allowing you to outsource your corporate mail service easily, if needed)
- They must offer TXT records, not just “support SPF”. This is needed to set up SPF records and some implementations of DKIM, needed for email and brand authentication (amongst other things) and is useful to prove you own the domain for things like Google webmaster tools.
- They must offer NS records, allowing you to delegate parts of your domain to someone else. This is needed to set up some implementations of DKIM, needed for email and brand authentication.
6. Set up your DNS
The details will vary but to give you some idea of how a DNS zone can look here’s a sample dns zone for a fairly minimal setup for the domain tupid.org, with DNS hosted by hover, a webserver at 184.105.179.153 and a mailserver (for both inbound and outbound mail) at 66.172.33.225, using SPF but no other authentication. The magic number 86400 is the number of seconds in a day – it means that we’ll ask the internet to cache these results for one day.
; The two nameservers for the domain - these must match the domain registration tupid.org 86400 NS ns1.hover.com tupid.org 86400 NS ns2.hover.com ; The webserver, both with and without it's www. www.tupid.org 86400 A 184.105.179.153 tupid.org 86400 A 184.105.179.153 ; The mailserver tupid.org 86400 MX 10 mail.tupid.org mail.tupid.org 86400 A 66.172.33.225 ; SPF records for the mail we send tupid.org 86400 TXT "v=spf1 ip4:66.172.33.225 ~all"
And here’s how that might evolve, if we keep using our own mailserver, but also send some bulk mail through ExactTarget and we set up a “corporate” mail subdomain – corp.tupid.org – as we discussed in part one. To make things interesting, we’ll host our corporate email via Google Apps, and we’ll set up some DKIM for our customer facing mail (using the DKIMCore approach).
; The two nameservers, just as before tupid.org 86400 NS ns1.hover.com tupid.org 86400 NS ns2.hover.com ; The webserver, just as before www.tupid.org 86400 A 184.105.179.153 tupid.org 86400 A 184.105.179.153 ; Our main mailserver tupid.org 86400 MX 10 mail.tupid.org mail.tupid.org 86400 A 66.172.33.225 ; Our SPF record for our customer facing domain tupid.org 86400 TXT "v=spf1 ip4:66.172.33.225 include:cust-spf.exacttarget.com ~all" ; DKIM for mail sent through us 1330146224.tupid._domainkey.tupid.org. 86400 TXT ( "v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCyR8fIJ5EVHkAap+qPnh/hHYQx" "Cw4cMDY8RoHG2C1EfNCl0Kj6sZm5D8I42aB71nSxOyv6SwwlOa7VZx5vFe7VXkXp" "YKHQNR+ulpFCdrT2qp/K6G7wKRgdkzGNhQCvxUaAelOgviWIl+NkfnwvvMMiN5Gy" "yD2oIFhQXB0h1tlf4wIDAQAB") ; DKIM for mail sent through ExactTarget exacttarget._domainkey.tupid.org 86400 NS dkim1.exacttarget.com exacttarget._domainkey.tupid.org 86400 NS dkim2.exacttarget.com email.tupid.org 86400 MX 10 reply.exacttarget.com ; Our corporate email, via google corp.tupid.org 86400 MX 1 aspmx.l.google.com corp.tupid.org 86400 MX 5 alt1.aspmx.l.google.com ; SPF for our corporate domain corp.tupid.org 86400 TXT "v=spf1 ip4:66.172.33.225 include:_spf.google.com ~all"
And that’s it – the basics of setting up DNS for an email-friendly company.