WelcomeUser Guide
ToSPrivacyCanary
DonateBugsLicense

©2025 Poal.co

971

I just bought a domain to act as my cert retardation. How long dos propagation take? Also should a subdomain port.domain.net, be an A record or a different kind?

I just bought a domain to act as my cert retardation. How long dos propagation take? Also should a subdomain port.domain.net, be an A record or a different kind?
[–] 2 pts

It takes between 2 to 12 hours to propagate all over the major DNS.

DNS record types define the information stored in a DNS record, such as an IP address, mail server information, or other data associated with a domain name. Common types include A, AAAA, CNAME, MX, NS, TXT, PTR, SOA, SRV, and CAA.

A (Address): Maps a domain name to an IPv4 address.

AAAA (IPv6 Address): Maps a domain name to an IPv6 address.

CNAME (Canonical Name): Creates an alias for a domain name, pointing it to another domain.

MX (Mail Exchange): Specifies mail servers responsible for accepting emails for a domain.

NS (Name Server): Indicates the authoritative name servers for a domain.

TXT (Text): Stores text data, often used for domain verification, SPF records, or other administrative information.

PTR (Pointer): Used for reverse DNS lookups, mapping an IP address to a domain name.

SOA (Start of Authority): Contains administrative information about a domain, such as the primary name server, contact information, and refresh intervals.

SRV (Service): Specifies the location of services like SIP or LDAP servers, including the port number.

CAA (Certification Authority Authorization): Specifies which certificate authorities are allowed to issue certificates for a domain.

SPF (Sender Policy Framework): Used to prevent email spoofing by specifying which mail servers are authorized to send emails for a domain (often implemented using TXT records).

DMARC (Domain-based Message Authentication, Reporting & Conformance): A protocol built on top of SPF and DKIM to define how email receivers should handle messages that fail authentication checks (also often implemented using TXT records).

DKIM (DomainKeys Identified Mail): A method for email authentication that uses digital signatures to verify the sender's identity.

[–] 3 pts

It's amazing how many entities don't have proper DMARC records these days. For example, GE doesn't have a policy set. I have to deal with them on a professional level, and their mails are always getting trapped because they suck.

I've had to bitch at a few large corp entities about their non-compliant SPF records as well.

[–] 2 pts

I don't think anyone cares anymore. Most of the admins are DEI anyways.

[–] 2 pts (edited )

You are correct, they don't care. Although I did get one large airline to fix their crap and they now have a properly formed SPF that doesn't violate rules put into place in 2014...

[–] 1 pt

Holy fuck that's embarrassing for such a large company. Setting up DMARC isn't even that hard.

When I respond to people complaining about DMARC holds I always make sure to tell them it's because the sender has bad IT policies and practices.

[–] 1 pt

It is. They went so far as to HAVE the record, but nothing as to what their mailserver should do when it encounters a bad mail. Japan is really bad about this too - they're high tech, but it's like they went full stop in certain areas. We get a lot of spam from that part of the world because their mailservers are wide open.

I always check using mxtoolbox and tell complainers exactly why their mail got stopped, or why they got the spam.