DNS Configuration Reference
Sympl automatically generates (but does not currently upload) DNS files for domains, based on a template. Generated files can be found in `/srv/example.com/config/dns/example.com.txt` and are in TinyDNS format.
Automatic DNS updating is planned for Sympl 9.1 and Sympl 10.1; at present, however, DNS records must be updated manually with your DNS host.
Reading DNS Records
TinyDNS format is mainly a machine-editable DNS format, which can also be partially read by users. A full explanation of the format is available in the TinyDNS documentation; there are also a number of extensions available for other record types.
Each line starts with a single character that identifies the record type, followed by the Fully Qualified Domain Name (FQDN) for the record. The remaining fields are separated by colons (`:`). In the examples below, the default Sympl TTL of `300` is used.
ID | Type | Example | Used for |
---|---|---|---|
`#` | n/a | `# This is a comment` | Used only for comments, these lines are ignored by TinyDNS. |
`.` | NS | `.example.com::ns1.examplehost.com:300` | An NS record for example.com, pointing to ns1.examplehost.com. |
`&` | NS | `&delegated.example.com::ns1.otherhost.com:300` | An NS delegation record for a subdomain, pointing to ns1.otherhost.com. |
`+` | A | `+example.com:172.17.18.19:300` | An A record for example.com to 172.17.18.19. |
`=` | A + PTR | `=example.com:172.17.18.19:300` | An A record for example.com to 172.17.18.19, along with matching PTR record. |
`3` | AAAA | `3example.com:20010db885a3000000008a2e03707334:300` | An AAAA record for 2001:0db8:85a3::8a2e:0370:7334. Note that IPv6 records are in full format with no separators, and must be the full 16 characters long. |
`6` | AAAA + PTR | `6example.com:20010db885a3000000008a2e03707334:300` | An AAAA record for 2001:0db8:85a3::8a2e:0370:7334, along with matching PTR record. |
`@` | MX | `@example.com::mail.example.com:10:300` | An MX record pointing to mail.example.com with priority 10. |
`'` | TXT | `'example.com:This is an example of a TXT record:300` | A TXT record of "This is an example of a TXT record". Depending on the DNS server this may be limited in length. Colons in the record must be escaped as `\072`. |
`C` | CNAME | `Cwww.example.com:example.com:300` | A CNAME of www.example.com pointing to example.com. |
`S` | SRV | `S_sip_tcp.example.com::sip.example.com:10:20:300` | An SRV record for _sip_tcp.example.com, pointing to sip.example.com, with priority 10 and weight 20. |
`:` | custom | `:server._domainkey.example.com:16:\037v=DKIM1;\040k=rsa;\040p=key-goes-here:300` | A generic record for server._domainkey.example.com, with type 16 (TXT), `\037` characters long (octal) containing the text `v=DKIM1; k=rsa; p=key-goes-here`. Spaces and other characters must be escaped. Needed with some hosts depending on TXT record length limits. |
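As an added example (not part of Sympl or the original page), the Python function below builds the `:` generic form of a TXT record described in the last table row: each string gets a one-byte octal length prefix, values longer than 255 bytes are split into several strings, and spaces, colons and anything else outside a conservative safe set are octal-escaped. The names `generic_txt`, `octal` and `SAFE` are assumptions made for illustration.

```python
import re

# Bytes written literally; everything else becomes a \ooo octal escape.
# Assumption: escaping more characters than strictly required is harmless.
SAFE = re.compile(rb"[A-Za-z0-9=;._+/-]")


def octal(byte):
    """Return one byte as a three-digit octal escape, e.g. 32 -> \\040."""
    return "\\%03o" % byte


def generic_txt(fqdn, text, ttl=300):
    """Build a ':' generic record of type 16 (TXT) for fqdn.

    TXT data is a sequence of strings of at most 255 bytes, each preceded
    by a one-byte length, so long values such as DKIM keys are chunked.
    """
    data = text.encode("ascii")
    if not data:
        raise ValueError("empty TXT value")
    rdata = []
    for i in range(0, len(data), 255):
        chunk = data[i:i + 255]
        rdata.append(octal(len(chunk)))  # length prefix for this string
        rdata.extend(
            chr(b) if SAFE.match(bytes([b])) else octal(b) for b in chunk
        )
    return ":%s:16:%s:%d" % (fqdn, "".join(rdata), ttl)


if __name__ == "__main__":
    # Reproduces the example line from the table above.
    print(generic_txt("server._domainkey.example.com",
                      "v=DKIM1; k=rsa; p=key-goes-here"))
```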
Example DNS File
```
#
# Nameserver records.
#
.sympl.host::ns1.mythic-beasts.com:300
.sympl.host::ns2.mythic-beasts.com:300
.sympl.host::ns3.mythic-beasts.com:300
#
# The domain name itself
#
=sympl.host:46.235.231.141:300
#
# Useful aliases.
#
+ftp.sympl.host:46.235.231.141:300
+www.sympl.host:46.235.231.141:300
+mail.sympl.host:46.235.231.141:300
#
# A record for MX
#
+mx.sympl.host:46.235.231.141:300
#
# The domain name itself -- AAAA record and reverse.
#
6sympl.host:2a001098008800000000000000030001:300
#
# Useful aliases -- AAAA records only
#
3ftp.sympl.host:2a001098008800000000000000030001:300
3www.sympl.host:2a001098008800000000000000030001:300
3mail.sympl.host:2a001098008800000000000000030001:300
#
# AAAA record for MX
#
3mx.sympl.host:2a001098008800000000000000030001:300
#
# MX record -- no IP defined, as this is done separately above.
#
@sympl.host::mx.sympl.host:15:300
#
# SPF records
#
'sympl.host:v=spf1 +a +mx -all:300
#
# DKIM records
#
'default._domainkey.sympl.host:v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5d846+Kwm/+Wo5k8Y1SyV2uFHZaGETpPLeFcTV5vu9cVoP2OFnOFVVtAPQ1J8MLSVpH0mJX27sw2RGGImFWvlIVFmhX4bhk3rIwEUBuL4+jwEmk5LjIpwdZtzUVxJzJfCsE/rEdXTPohmOJI6DxDaVciVPF1UBTGFbFsUJV9tJ3FCsbbi+lGmZBtMJn9NNlfcM2uPHY2urwUKiKNi/UrrBP0fHwOlVjLGOyG1ugxbC1jsS37cpRQ8kxLoIVxJ/un4cZo3tWDqkytLDXM11DSrF/TWbS3ENCsuxHvOMuuin+AJFN3P1KIiGrGynH3f6tOEgTcS3MQ0CNPP/HuJuP+QIDAQAB:300
#
# DMARC records
#
'_dmarc.sympl.host:v=DMARC1; p=quarantine; sp=none:300
```
Adjusting the Time To Live
Time To Live (TTL) is a part of each record which specifies how long the record should be kept before checking for an updated or changed copy.
The TTL for Sympl defaults to a rather low value of 300 seconds (5 minutes), which allows you to make fairly quick changes. You can increase the value once you no longer need to make changes. Note that not all DNS servers will respect this value, and may instead default it to a much higher value.
To change the TTL for all the records on a domain, create the file `/srv/example.com/config/ttl` and add the value, in seconds, that records should be kept for.
Mail Deliverability Records
Sympl supports all three of the major mail deliverability records in DNS.
SPF
Sender Policy Framework (SPF) identifies which servers should be sending mail for a domain and takes the form of a TXT record at the root of the domain. To enable automatic SPF record generation, with a default safe value of `v=spf1 +a +mx ?all`, create the file `/srv/example.com/config/spf`. If you wish to make changes to the SPF record, you can use the MXToolBox SPF Record Generator to generate or update it, and add the desired record value to the `config/spf` file.
DKIM
DomainKeys Identified Mail (DKIM) signs outgoing mail to prove it was sent by your server, using a public key which is held in publicly visible TXT records, and uses a 'selector' to allow multiple servers to send signed mail from the same domain. To enable DKIM in Sympl, you should create both the file `/srv/example.com/config/dkim` and the matching public key. The selector defaults to the short hostname of your server, but this can be changed by placing the relevant value in the `config/dkim` file.
DMARC
Domain-based Message Authentication, Reporting and Conformance (DMARC) is an extension for SPF and DKIM which informs a receiving server what should happen to any mail which fails authentication and again takes the form of a TXT record. To enable this, create the file `/srv/example.com/config/dmarc`. The default record is the permissive `v=DMARC1; p=quarantine; sp=none:300`, but can be changed by updating the `config/dmarc` file. As with SPF you can use the MXToolBox DMARC Record Generator to adjust the configuration.
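Before copying a generated file to your DNS host, it helps to confirm what mail policy it actually publishes. The following added example (not Sympl's own code) reads TXT data from both `'` lines and type-16 `:` generic lines, as described under Reading DNS Records, and summarises the SPF `all` qualifier, the DKIM selectors and the DMARC tags; `SAMPLE` is a constructed zone and the function names are assumptions.

```python
import re

# Constructed sample in the TinyDNS format this page describes (not a real zone).
SAMPLE = r"""
=example.com:172.17.18.19:300
@example.com::mx.example.com:15:300
'example.com:v=spf1 +a +mx ?all:300
:server._domainkey.example.com:16:\037v=DKIM1;\040k=rsa;\040p=key-goes-here:300
'_dmarc.example.com:v=DMARC1; p=quarantine; sp=none:300
"""


def unescape(s):
    """Decode \\ooo octal escapes, e.g. \\072 for a colon inside TXT data."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), s)


def txt_records(zone_text):
    """Yield (fqdn, text) for ' lines and for generic : lines of type 16."""
    for line in zone_text.splitlines():
        line = line.strip()
        if not line or line[0] not in "':":
            continue
        fields = line[1:].split(":")
        if line[0] == "'" and len(fields) >= 2:
            yield fields[0], unescape(fields[1])
        elif line[0] == ":" and len(fields) >= 3 and fields[1] == "16":
            raw, text = unescape(fields[2]), ""
            while raw:  # each string is preceded by a one-byte length
                n = ord(raw[0])
                text, raw = text + raw[1:1 + n], raw[1 + n:]
            yield fields[0], text


def mail_summary(zone_text, domain):
    """Summarise the SPF, DKIM and DMARC records published for domain."""
    out = {"spf_all": None, "dkim_selectors": [], "dmarc": {}}
    suffix = "._domainkey." + domain
    for fqdn, text in txt_records(zone_text):
        if fqdn == domain and text.startswith("v=spf1"):
            m = re.search(r"(?:^|\s)([+?~-]?)all\s*$", text)
            out["spf_all"] = (m.group(1) or "+") if m else "missing"
        elif fqdn.endswith(suffix) and "v=DKIM1" in text:
            out["dkim_selectors"].append(fqdn[:-len(suffix)])
        elif fqdn == "_dmarc." + domain and text.startswith("v=DMARC1"):
            tags = (t.split("=", 1) for t in text.split(";") if "=" in t)
            out["dmarc"] = {k.strip(): v.strip() for k, v in tags}
    return out
```

A `spf_all` of `?` is SPF's neutral qualifier, and `sp=none` in DMARC requests no action for mail from subdomains; both can be tightened through `config/spf` and `config/dmarc` once legitimate senders are confirmed.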
Configuration Reference
File or Directory | Used For | More |
---|---|---|
`.../config/dns/` | Contains generated DNS files. | More... |
`.../config/dns/example.com.txt` | Automatically generated DNS file for example.com. | More... |
`.../config/ttl` | Sets the 'Time To Live' for generated DNS entries in seconds. Defaults to 300 (5 min). | More... |
`.../config/spf` | Enables generation of an SPF record for the domain. Defaults to `v=spf1 +a +mx ?all`. | More... |
`.../config/dkim` | Sets the DKIM 'selector'. Defaults to the short hostname of the server. See also DKIM to enable signing of email. | More... |
`.../config/dmarc` | Enables generation of a DMARC record for the domain. Defaults to `v=DMARC1; p=quarantine; sp=none:300`. | More... |
See also Configuration Reference for other configuration files.