Which influence will cause SOA loss? [closed] - dns

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
Currently a certain domain has both SOA and SPF records in its DNS. In the new VPS, SOA and SPF record editing is not supported.
What are the consequences of losing this functionality?
(Especially SOA, because, as I understand, SPF is not relevant currently)

I'm interpretting your question to be... What would be affected by an inability to edit the SOA record in DNS ? , and from the body of your question I'm assuming that you have a facility to edit some DNS records within a customer portal for some VPS system somewhere, but not SOA or SPF.
If this accurately reflects your intended question, then...
The Start of Authority (SOA) record allows a zone file to communicate administrative information about the zone contents, particularly: an administrative point of contact, a serial number potentially indicating change of content, and the REFRESH, RETRY, EXPIRY, and TTL time periods of the information. None of this information would usually be of direct interest or importance to you as a user, and would usually be administered by the operators of the underlying Domain Name Services (BIND or similar). Presumably the portal you use will automatically take care of incrementing the SERIAL when changes are made, and although you may have an interest in the various time periods, they are likely to be of more importance to the loading of your host than the functionality of your domain name.
...So I would suggest that you lose very little by not being able to edit the SOA record.
The Sender Policy Framework (SPF) has a deprecated SPF record type, and has been largely replaced by publishing the same information in a TXT record. Originally your VPS portal may have allowed / supported the direct SPF record type, and maybe you are referring to an inability to create those ? If so, just use the same content in a TXT record.
However if you genuinely can't create and administer SPF content in any way at all, then you do have a problem. The mitigation of abuse of your email domain, and more importantly, the perceived reputation of your genuine emails, is greatly impacted by the use of SPF along with DKIM and DMARC.
...So I would be surprised if you genuinely can't administer SPF, but very concerned if that is the case.

Related

Domain name through one provider, host through another, email through another [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
Not sure how to word the title.
I am in this situation...
I have had a website for a long time now where the domain name and hosting are managed by OVH. A few years ago, I setup the email service through Protonmail with a custom domain. To do this, I changed some things in the DNS Zone so that emails will be routed through Protonmail. I would have to go back and look at exactly what needed changed...
Now however, I am becoming unhappy with the hosting provided by OVH, so I would like to try out another host. The issue is that to switch hosts, I could either
Transfer the domain to another provider, and then setup the email from scratch.
Switch the nameservers at OVH to point to hosting somewhere else (e.g. A2Hosting).
I would prefer to take the second option, since this would allow me to try out a different host without having to reconfigure my email. If I like the host, then I would probably move everything over to them. But I simply don't know if it is feasible. So is this possible? And if so, how would I do it?
I am worried that if I just switch the nameservers at the host, then my email would be offline.
You are right, if you change the name servers you will not be able to receive mails (unless you configure the MX records at the new provider). In you case you can simply create 2 A records pointing the root domain (example.com) and * (which is for all subdomains, that don't have their own records, so www.example.com and something.example.com will work, as long as there are no other records for them).
For more information about the records configuration you better ask your new host.
And when you are happy with the new hosting you can change the name servers or transfer the domain or do whatever you want. Note that the web host, the domain registrar and the DNS host may be from different providers, it's not a must to have all the services at one place.

What proves you are the owner of a domain name [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I have never registered a domain before. I have been wondering, when you buy one, what makes you the owner? Is it linked to your email address or are you given something like a token so that when you want to link it to a host you provide the token to prove you are the owner.
Nothing directly proves you own the domain.
You tell your hoster "I want to use this domain on your webspace" (for hosting on a shared server) and then they tell you how to configure your DNS server. Or if you have a server with a dedicated IP, then you just set that in your DNS server on your own.
Proof you own a domain is only required for some third party services, like creating certificates for domain names and alike. This proof is either preformed by proofing that you own the server to which the domain currently points to with it's A (IPv4) or AAAA (IPv6) record, or you are required to set a custom TXT record to prove you have control over the DNS server.
When you order the domain, you got to assign a DNS server for it. Either one you have set up yourself, or typically one managed by your domain seller. Everything beyond that is just configuration of that server. Your registrar takes care that the chosen DNS server is correctly used for your domain.
Your possession of a domain name comes down to a contract between you and the holder of the domain under which yours lives, with ICANN sitting at the top as the owners of the root domain. So Verisign has a contract with ICANN saying that they hold .COM, and if you want a domain under .COM, you enter into a contract with Verisign. In practice, Verisign has farmed out the contract-writing to oodles of other companies called "registrars", like gandi.net. So you pay them money, they tell Verisign the domain is yours and that's it. Exactly how picky a particular registrar is about knowing who they're selling a name to varies a lot. In some cases it's enough that you have a valid credit card and can log into the registrar's website, in other cases you may have to prove that you are a resident of a certain country.

How To Use Custom Nameserver On Free Cloudflare? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I have a problem.
I own a small hosting company. I am trying to add Cloudflare to my site as a free CDN. The only problem is when I sign up I have to change the nameservers to their nameservers. I already have nameserver DNS set up through GoDaddy, so how do I add them to CloudFlare? My main site uses my company's nameservers already but whenever I add them the site goes offline.
When I go into Cloudflare's DNS records I click on the dropdown, click NS, and there's two boxes that say 'Name' and 'Nameserver'. Does this mean I input 'NS1' into 'Name' and 'NS1.DOMAIN.COM' into 'Nameserver'? Where do I input my server's IP addresses?
Is there another way of accomplishing this with the free version of Cloudflare?
That is just impossible. Option to have custom name servers available only on Business and Enterprise. See https://www.cloudflare.com/plans.
Also, you might mistaken. You must change name servers in your domain register settings, not on CloudFlare.
An old question (no doubt you found the answer long ago), but nevertheless still an interesting one! I recently faced this issue and would like to share what I did.
If I understand the question correctly, you are using child nameservers at your registrar to point your customers' domains to your server?
In cloudflare, after you have added your primary domain, you can also specify the NS record to allow customer domains to continue to use your custom / child nameservers at your registrar.
In the DNS records control panel, simply choose NS from the dropdown field, then in the Name field, add your child nameserver, then in Ip4address field, add the nameserver so it looks like e.g.
NS yourdomain.com managed by ns1.yourchildnameserver.com
Do the same for NS2 and your customer domains should continue to resolve without any issues.
In the end of course, it would be better to add each customer domain into CF ad point their DNS directly to your server, but the above steps should work as an interim measure.
Hope this helps someone else.

why are ISP's only blocking sub domains and not the full domain [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
Using the popular torrent backdoor come.in as an example, why are only the sub domains being blocked by ISP's?
Originally my ISP blocked eztv.it so I found eztv.come.in which was eventually blocked after some time only to be replaced with ezztv.come.in.
They are now on ezzzztv.come.in and no doubt in time they will be on ezzzzzzzztv.
They also have backdoors to all the other big torrent sites and do the same thing, just open up again with a new sub domain URL
Is there some kind of technical reason that the main domain is not being blocked? Or maybe it's a legal reason. I am no expert but can't think of a logical reason the main domain is not being blocked instead of the ISP playing this cat and mouse game.
I doubt it's anything too mysterious. I'd say it depends heavily on how they are doing the blocking and I'm willing to bet this changes a good bit from ISP to ISP. I would guess that it's one of the following:
1) They get hostnames to block from some source (some kind of commercial feed maybe?), this source gives them the subdomains (i.e. specific hosts instead of a group of hosts), they import this to some list that gets blocked
2) Plain old ignorance or laziness - maybe whatever team is in charge of this just blocks based on hosts because they don't care enough to do basic pattern recognition on hosts they're ordered to block.
3) Technical reasons - maybe whatever tool they use to manage their blacklists only accepts subdomains?
Unless we get someone that does this kind of work for ISPs (and they do it the same way as you are describing), then we'll never know :-)
I do not know why the subdomains are being blocked, however I do know that using a encrypted VPN such as HotspotShield means that your ISPs cannot know what you are visiting (And therefore would have to either block everything or nothing), which means that you can bypass that block.
When I accidentally forgot to pay the bill (Was overdrawn) and my ISP limited me to only Google and Youtube, I used a VPN and was able to access everything fine.
I have only ever used HotspotShield, never used TOR, etc, so I don't know which VPNs it would work with or not (really the question is, which VPNs are encrypted?).
VPNs give higher latency, but to my knowledge do not give slower download speeds (Except if the VPN has a slower internet connection than you), so should be fine for downloads.

Technical advantages of transferring domain name [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I have a website hosted in Switzerland and the domain registrar is in the US.
If I requested a transfer of the domain from the US to the registrar in Switzerland, what technical advantage would that give me, if any?
Are there any significant things to pay attention to apart from little things (such as price)?
If not I would leave it in the US then and just change dns records...
Thanks for any feedback!
The link between domain name and hosting (IP address) is simple an ip address corresponds to a name. But for a name to be valid and some people to have jobs there are additional steps:
Root name servers -> Authority name servers slave nemeservers
The registrars provide a list of authoritative name servers coupled with names to the root servers (this is called glue). Usually the person owning a domain can change the authoritative name servers via some panel.
That being said the only technical advantages i can think of are:
Price for the registration (per year)
Willingness of the registrar to shutdown a domain under pressure on or request
the registrar can change the Name servers and point the domain wherever he wants and can block you from changing this which effectively shuts down the domain.
Please also remember that in the end the registrars (the real ones also called NIC's) are not so much and usually can be found by simply typing .ext e.g. nic.com, nic.org
The other companies selling domains are just resellers and using any of them should be guided mostly by features they offer and price (e.g. how usable is their panel, how fast they respond to tickets, etc.)

Resources