Could you please explain this DNS configuration to me?

I know very little about DNS configuration. Could anyone please explain to me, in plain English, what the following DNS configuration achieves? It's the default configuration for my hosting provider.

NAME          TYPE         VALUE                PRIORITY
              A            X.X.X.X              0
*             A            X.X.X.X              0
smtp          A            Y.Y.Y.Y              0
              MX           smtp                 10
              NS           foo1.bar.com.        0
              NS           foo2.bar.com.        0
example.com.  TXT          v=spf1 a mx +all     0

A couple of crucial points:

  • Why the DOTs at the end of the domains?
  • Why the MX record has some priority set and why 10?
  • What's the difference between the first two records?

Solution 1:

Dots at the end of names mean 'this is a fully qualified entry'; without the dot, the DNS server appends the domain for which these entries are listed to the name. So, you would get foo1.bar.com.example.com.

The full stops are therefore critical, to prevent errors.

All MX records have a priority. MX is a mail exchanger record, and you can have multiple MX entries per domain. The entry/entries tell mail servers where to send mail for your domain. The priority allows the mail server to try them in the right order (lowest first).

The first record says "if you look up this domain, you get this IP address", i.e. example.com gives x.x.x.x

The second is a wild card, which says, if you look up any sub-domain for this domain and there is no specific match, then you get this IP address. i.e. bob.example.com and fred.example.com will resolve, and they will resolve to that X.X.X.X.

TXT entries allow for informational records, of which yours is an SPF description. SPF is something else entirely, and handles e-mail validation, more info here - http://en.wikipedia.org/wiki/Sender_Policy_Framework.

The two NS entries are name server records, and tell other DNS servers/resolvers which name servers to use for your example.com domain.

Solution 2:

A            X.X.X.X              0 

This means that yourdomain.com will resolve to the IP X.X.X.X

*    A            X.X.X.X              0

This means that ANYTHING.yourdomain.com (so foo.yourdomain.com or bar.yourdomain.com) will also resolve to X.X.X.X

smtp          A            Y.Y.Y.Y              0

This means you have a record named smtp.yourdomain.com and it will resolve to Y.Y.Y.Y

MX           smtp                 10 

This sets the previously mentioned smtp.yourdomain.com as the mailserver for yourdomain.com.
If someone wants to send email @yourdomain.com it will try this server.
The priority 10 can be ignored, since there is only one MX record in your zone.
If there were more, it would be the order in which the servers would be tried to be contacted (smallest number will be contacted first).

NS            foo1.bar.com.                     0   
NS            foo2.bar.com.                     0

These two entries set the servers foo1.bar.com and foo2.bar.com as the authoritative domain servers of this zone.
Therefore if someone wants to resolve smtp.yourdomain.com he would ask foo1.bar.com. or foo2.bar.com.

example.com.  TXT          v=spf1 a mx +all     0

This is an anti-spam technique; it basically specifies that from yourdomain.com every host with an A or MX record is allowed to send mails - and no other host is allowed (I'm not very familiar with SPF, please do correct me if I'm wrong).

Solution 3:

The . at the end of the domains signifies that it is a fully qualified domain name. If there is no . then the DNS appends the domain to it, e.g. your example has smtp without a . so it becomes smtp.example.com.

MX records have a priority set and a correctly configured mail server will attempt to deliver mail to the host with lowest priority. If this fails then the next lowest priority host will be tried.

The first record says that the ip address of example.com is x.x.x.x, the second says any host in the example.com domain that isn't specified elsewhere (e.g. smtp) will resolve to x.x.x.x.

You could probably do with having a look at this and its related articles.
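
The three behaviours the answers describe (trailing-dot qualification, wildcard fallback and MX ordering), as an added example that is not part of the original question or answers. The zone rows are constructed: 192.0.2.x documentation addresses stand in for X.X.X.X and Y.Y.Y.Y, the `backup` MX is hypothetical, and the dot on the second NS value is dropped on purpose to show the resulting name.

```python
ORIGIN = "example.com."  # zone origin; appended to every name without a trailing dot

# Constructed zone rows (name, type, value, priority) modelled on the question.
ZONE = [
    ("", "A", "192.0.2.10", 0),
    ("*", "A", "192.0.2.10", 0),
    ("smtp", "A", "192.0.2.25", 0),
    ("", "MX", "backup", 20),       # hypothetical second MX, not in the question
    ("", "MX", "smtp", 10),
    ("", "NS", "foo1.bar.com.", 0),
    ("", "NS", "foo2.bar.com", 0),  # trailing dot dropped on purpose
]

def qualify(name, origin=ORIGIN):
    """Expand a zone-file name into a fully qualified domain name."""
    if name in ("", "@"):
        return origin               # an empty name means the zone itself
    if name.endswith("."):
        return name                 # already fully qualified
    return f"{name}.{origin}"       # relative: the origin is appended

def expand(zone=ZONE):
    """Qualify owner names, and the host names carried by MX and NS values."""
    return [(qualify(n), t, qualify(v) if t in ("MX", "NS") else v, p)
            for n, t, v, p in zone]

def resolve_a(qname, zone=ZONE):
    """A lookup: records at the exact name win; the wildcard is the fallback."""
    rows = expand(zone)
    if any(n == qname for n, _, _, _ in rows):
        return [v for n, t, v, _ in rows if n == qname and t == "A"]
    if qname.endswith("." + ORIGIN):
        return [v for n, t, v, _ in rows if n == "*." + ORIGIN and t == "A"]
    return []

def mx_order(zone=ZONE):
    """Mail exchangers in the order a sender tries them: lowest priority first."""
    mx = [(p, v) for _, t, v, p in expand(zone) if t == "MX"]
    return [v for _, v in sorted(mx)]

def name_servers(zone=ZONE):
    """NS targets after qualification."""
    return [v for _, t, v, _ in expand(zone) if t == "NS"]

if __name__ == "__main__":
    print(name_servers())
    print(resolve_a("bob.example.com."), resolve_a("smtp.example.com."))
    print(mx_order())
```

In this model the undotted NS value becomes foo2.bar.com.example.com., which the wildcard A record then answers, so the mistake produces a plausible-looking address rather than an obvious lookup failure.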