DELIVTERMS: DNS aka Domain Name System

Let’s decode another acronym! DNS is a term not limited to email deliverability, but it sure does show up there quite a bit. And it stands for: Domain Name System.

DNS is the phone book or address book of the internet. You type “” into a web browser. The web browser (or the computer that it is running on) needs to figure out what server to connect to, and that server is identified by an IP address (an IPv4 or IPv6 IP address, the distinction being something that I’ll ignore for the moment). DNS is the function of looking up to see what server handles the website for Google, and then enabling your web browser to connect to that particular server and, if everything was successful, you're able to see the Google homepage. Most of this happens invisibly, behind the scenes, in just milliseconds.

There’s a whole bunch of bits related to DNS that are important for email deliverability, both for sending and receiving email:
  • An “MX record” is a DNS setting -- a record that you publish -- that says “hey, this is the server that handles inbound email” for your domain or subdomain.
  • An “A record” translates to an IP address for your server, and A records can be used for lots of different things, including for knowing what server to try to deliver mail to for a domain (if the domain doesn’t have an MX record configured).
  • TXT (text) records do multiple magical things in DNS, including facilitating the configuration of SPF, DKIM and DMARC records, verification tags for setting up Google Postmaster Tools, and more. A TXT record is so named because the value you’re looking up, if found, is a string of text -- letters and numbers. Not a server name, not an IP address (though it could contain these as part of the text).
  • A DKIM record is a specific type of TXT DNS record that contains the “public key” to enable authentication of email messages using the DomainKeys Identified Mail protocol.
  • An SPF record is a specific type of TXT record that most commonly contains a list of IP addresses that are allowed to send mail for your domain. They also might contain redirects or includes, which are basically aliases connecting your SPF record to somebody else’s.
  • A DMARC record is a specific type of TXT record in DNS that tells the world how to treat mail from your domain if and when it fails authentication checks.
And that’s just the very beginning of what people do with DNS records.

DNS lookups are handled by server software specifically designed for this service. There are lots of “DNS server” or "DNS resolver" applications out there, with perhaps the most common ones being Bind or Unbound. Amazon, Cloudflare, Google and others also have public DNS services, some oriented toward end users, some toward developers, and some with special functionality, like theoretical increased speed (leading to the perception of faster internet browsing) or blocking of objectionable content.

I’ve barely scratched the surface here, but if you’d like to learn more about DNS, you'll want to follow Julia Evans. While she admits that DNS is hard to learn, she has put together a whole Zine explaining How DNS Works, and she has kindly provided a handy sandbox called “Mess With DNS” where you can go to practice your mastery of DNS, hands-on. I've learned much from her expertise and am grateful for everything she has shared.

Want to learn more about the terminology around email technology and deliverability? If so, check out the DELIVTERMS section here on Spam Resource.
Post a Comment