Entries Tagged as 'Domain Name System (DNS)'


SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are two methods to help indentify email which is likely not SPAM.  SPF was originally proposed in 2003 by Meng Weng Wong and Wayne Schlitt (SPFv1 RFC4408) as an open standard (SPF is backed by the Sender Policy Framework Council); DKIM originally merged and enhanced DomainKeys from Yahoo and Identified Internet Mail from Cisco (RFC4870 superseded by RFC4871) forming an open standard (DKIM is backed by an industry consortium).

Both SPF and DKIM attempt to provide information to receiving SMTP servers about whether or not a particular email message is authentic.

SPFv1 uses a very simple approach where a domain’s DNS server provides a root level TXT record that supplies information about SMTP mail servers that are permitted to originate domain email.

DKIM uses a more complex digital signature on each message (information about which is stored in a sub-domain in domains DNS containing self-signed keys).

You can read up on the specifics of each through the reference links provided below.

SPF (Wikipedia)

Microsoft SPF Record Wizard · OpenSPF Wizard

DKIM (Wikipedia)

Originally posted 2010-03-06 02:00:56.

Dynamic DNS

Most broadband users have an IP address that is issued by their provider via DHCP or PPP (PPPoE technically); that address, generally, will not change as long as the connection is kept up (in the past, some Telcos implemented a policy on PPPoE where the IP addresses would by cycled every few hours to insure that users could not depend on IP addresses staying the same, as far as I know that policy hasn’t been in effect for several years).

Realistically there are only a handful of reasons why you might need a fixed IP address rather than a dynamic IP address.

  • Running a DNS server
  • VPN endpoint (particularly a VPN server)

Further, it would be advisable to have a static IP address for the following uses (though not required).

  • SMTP server

Many people mistakenly believe they must have static IP address in order to have a web server (or FTP server).  That’s simply not the case.

Many domain registrars that provide DNS service offer dynamic registration of host (dynamic DNS), and even if your registrar doesn’t provide that service there are a number of free providers that allow you to register a dynamic host name in their domain (you could then create a CNAME in your domain and point back to that).

Provided that your gateway or a host on your sub-net can provide the dynamic DNS provider with notifications of changes to your IP address, you will always have a canonical name that you can reach your IP address via.

Which means, you always have a way to find a web server, or most any other type of network service that you choose to run on your home network.

NOTE: You should check your terms of service, your provider may forbid you from operating one of more services on your connection.

While there are many dynamic DNS providers, I tend to recommend individuals look at DynDNS.org first, they offer a free dynamic DNS service that should suit the needs of most individuals, and offer update clients for most operating systems in the case that your gateway is unable to update your IP address (or is unable to do so correctly, which may be the case for DSL services where the modem initiates the PPPoE connection).

One other thing you might think about… even if you have a static IP address, it may make sense to use a dynamic DNS service to provide you with your IP address — you can generally enter it as static, or just go ahead and run the update client.  That insures you that if anything goes wrong you can still find your IP by name (and provides a redundant DNS entry).

Originally posted 2010-01-21 02:00:24.