Content MarketingEmail Marketing & AutomationMarketing Tools

How To Query DNS From Terminal or a Command-Line

Photo of Douglas Karr Douglas KarrJan 23, 2024
6 minutes read
How to Query DNS using dig from Terminal or the Command Line

Understanding how to query DNS is essential, whether you’re troubleshooting email delivery issues, configuring network settings, or simply exploring the DNS infrastructure. In this article, we will delve into the various types of DNS records and provide step-by-step instructions on using the dig command in Linux, Windows, or MacOS to query Google’s DNS server.

Introduction to DNS

DNS is the backbone of the internet, acting as a digital address book that enables us to access websites and services using human-readable domain names like example.com instead of complex IP addresses. DNS plays a fundamental role in translating these domain names into the corresponding IP addresses, allowing our devices to locate and communicate with the right servers on the global network. In this article, we will explore DNS in-depth, discussing its function, the concept of propagation, and how various systems query DNS servers to resolve domain names.

DNS Propagation

DNS propagation is the process by which changes to DNS records are distributed and updated across the internet. When a domain name’s DNS records are modified, such as changing the IP address associated with a domain, these changes need time to be reflected universally. DNS propagation can take some time, ranging from a few minutes to several hours, depending on various factors like TTL (Time to Live) settings and DNS caching.

During this propagation period, different DNS servers across the internet gradually update their cached information to reflect the new DNS records, ensuring consistent access to the updated resources. DNS propagation sometimes confuses users because a visitor in one geographic region may see the updated DNS while another sees the original settings that are still propagating.

Here’s a tool to check to see if the same A Records are returned across critical DNS servers and regional DNS servers.

Check DNS Propagation

How Systems Query DNS Servers from the Command Line or Terminal

To resolve domain names and retrieve the corresponding IP addresses, various systems employ the process of querying DNS servers. When a user enters a domain name into their web browser, or when a system needs to connect to a remote server, it initiates a DNS query to find the associated IP address. Here’s a simplified overview of how this query process works:

  1. Local DNS Cache: The system first checks its local DNS cache to see if it has recently resolved the same domain. If the information is found in the cache and is still valid (based on TTL), the system can skip the next steps and use the cached IP address.
  2. Recursive DNS Server: If the domain information is not in the local cache or has expired, the system sends a query to a recursive DNS server. This server is often provided by the Internet Service Provider (ISP) or a public DNS service like Google’s 8.8.8.8.
  3. Recursive Query: The recursive DNS server, if it doesn’t have the information cached, starts a recursive query process. It queries authoritative DNS servers responsible for the requested domain, working its way up the DNS hierarchy.
  4. Authoritative DNS Server: The authoritative DNS server for the requested domain responds with the IP address associated with the domain name.
  5. Caching: The recursive DNS server caches the response for a specified TTL. This caching can expedite future queries for the same domain and reduce the load on authoritative DNS servers.
  6. Response to System: The recursive DNS server returns the IP address to the requesting system.

By following this process, systems can efficiently resolve domain names to IP addresses, enabling seamless access to websites, services, and other resources on the internet. Understanding DNS and how it operates is essential for anyone involved in web development, network administration, or troubleshooting internet connectivity issues.

Types of DNS Records

DNS records come in various types, and some of them, including SPF (Sender Policy Framework) and DMARC (Domain-based Message Authentication, Reporting, and Conformance), are stored as TXT records. Here are some common types of DNS records:

  • A Record (Address Record): This type maps a domain name to an IPv4 address.
example.com IN A 192.0.2.1.
  • AAAA Record (IPv6 Address Record): Maps a domain name to an IPv6 address.
example.com IN AAAA 2001:db8::1.
  • MX Record (Mail Exchange Record): Specifies the mail servers responsible for receiving email on behalf of a domain. 
example.com IN MX 10 mail.example.com.
  • CNAME Record (Canonical Name Record): It creates an alias for a domain name, pointing it to another domain.
www.example.com IN CNAME example.com.
  • TXT Record: TXT records are used for various purposes, including SPF and DMARC records.
example.com IN TXT 'v=spf1 include:_spf.example.com -all'.

Using dig to Query DNS

Now, let’s explore how to use the ‘dig’ command to query DNS records using Google’s DNS server at 8.8.8.8. This command-line tool is available on Linux, Windows, and MacOS.

  1. Querying A Records: To query the A record of a domain, use the following command:
   dig A example.com @8.8.8.8
  1. Querying MX Records: To query the MX records of a domain, use the following command:
   dig MX example.com @8.8.8.8
  1. Querying SPF Records: To query the SPF record of a domain, use the following command:
   dig TXT example.com @8.8.8.8
  1. Querying DMARC Records: To query the DMARC record of a domain, use the following command:
   dig TXT _dmarc.example.com @8.8.8.8
  1. Querying All Records (ANY): To query all DNS records for a domain using the ‘ANY’ option, use the following command:
   dig ANY example.com @8.8.8.8

DNS Query: Email Authentication Example

Imagine your email is consistently landing in recipients’ junk folders. By querying DNS, you can verify if your email sending platform is correctly configured. If these records are not set up properly, it could lead to email deliverability issues, including emails being marked as spam. Let’s walk through the step-by-step process of how an email is routed, authenticated via SPF and DMARC, and ultimately either routed to the inbox or junk folder.

  1. The Sender Composes and Sends an Email: The process begins when the sender creates an email using their email client or platform, such as Gmail, Outlook, or a custom email service.
  2. Email Authentication: Before the email is sent, it goes through authentication checks, including verification.
    • SPF Record Check: The sending server checks the SPF record of the sender’s domain to ensure that it is allowed to send emails on behalf of that domain. If the SPF record is correctly configured, the email passes this check; otherwise, it may be flagged as suspicious.
    • DMARC Record Check: DMARC records define policies for email authentication and reporting, including how SPF and DKIM (DomainKeys Identified Mail) should be handled. The receiving server checks the DMARC record to determine how to handle emails from the sender’s domain. If the DMARC policy is not met, the email may be marked as spam or rejected.
  3. Routing Through ISPs and Mail Servers: Once the email passes authentication, it is sent from the sender’s email server to the recipient’s email server. The email may pass through various intermediate servers and Internet Service Providers (ISPs) along the way.
  4. Recipient’s Email Server Evaluation: The recipient’s email server receives the email and performs further checks. It may assess the sender’s reputation, content, and other factors to determine whether the email is legitimate or potentially spam.
  5. Scanning for Spam Characteristics: The email content is analyzed for spam characteristics. This includes checking for known spam keywords, suspicious attachments, and other indicators.
  6. Routing to Inbox or Junk Folder: Based on the results of SPF and DMARC authentication, sender reputation, content analysis, and other factors, the recipient’s email server decides whether to deliver the email to the recipient’s inbox or mark it as spam. If SPF and DMARC records are correctly configured, it increases the chances of the email landing in the inbox. If the email is marked as spam, it is typically routed to the recipient’s junk or spam folder.
  7. Recipient’s Inbox or Spam Folder: The email is now either visible in the recipient’s inbox or placed in their spam/junk folder, depending on the server’s decision.
  8. Recipient’s Review: The recipient can review their email, and if an email mistakenly landed in the spam folder, they can move it to their inbox.

Email routing involves multiple steps, including SPF and DMARC authentication, content analysis, and sender reputation assessment. Correctly configured SPF and DMARC records can enhance email deliverability, ensuring that legitimate emails reach the recipient’s inbox while reducing the likelihood of emails being marked as spam. If your emails consistently end up in recipients’ junk folders, it’s essential to check and ensure the proper configuration of SPF and DMARC records to address potential email deliverability issues.

Understanding and querying DNS records, you can identify and rectify these issues, ensuring your emails reach the inbox.

Related Martech Zone Content

DNS Management
Why Should Your Company Pay for Managed DNS?
DNS Propagation Checker: Query A, AAAA, CAA, CNAME, MX, NS, PTR, SOA, SRV, and TXT Records
App: DNS Propagation Checker
MacOS: Verify DNS Locally Using a Hosts File
MacOS: Need to Verify DNS Locally Using Hosts on OSX?
Mobile Email Subject Line Length for Mobile Email Clients
App: Email Subject Line Length and Mobile Display Visibility (Character Counts)

Photo of Douglas Karr Douglas KarrJan 23, 2024
6 minutes read
Photo of Douglas Karr

Douglas Karr

Douglas Karr is a fractional Chief Marketing Officer specializing in SaaS and AI companies, where he helps scale marketing operations, drive demand generation, and implement AI-powered strategies. He is the founder and publisher of Martech Zone, a leading publication in marketing technology, and a trusted advisor to startups and enterprises… More »
Back to top button
Close

Adblock Detected

We rely on ads and sponsorships to keep Martech Zone free. Please consider disabling your ad blocker—or support us with an affordable, ad-free annual membership ($10 US):

Sign Up For An Annual Membership