anuragbhatia.com !!!

This is a question that I have been asked many times via email and sometimes even phone!

Situation is this: you wake up in the morning and found your email hosting is down. You are not getting any emails, either they are bouncing back or going to a blackhole.

What should you do in such a situation?

Email service is much like a chain – if any part is broken, you won’t get things working (apart from lots of frustration!). Since it’s like chain, one must follow step by step to find the problem.

So at this point a good question can be – where does the chain start?

Email hosting consists of 3 parts:

1. Domain Registry record
2. DNS Hosting
3. Email Hosting

Domain Registry record:

Start by checking the domain registration. You can do that using any whois service like who.is, drwhois.com etc. Make sure your domain isn’t expired. If it is, quickly visit your domain registrar control panel and renew it. Most smtp servers keep re-trying to deliver email for around 48hours, so if your domain is expired, you should renew it quickly so that future attempts at delivery will work correctly.

DNS Hosting:

If domain registry is OK, then proceed with checking things at DNS hosting.

DNS servers play an important role in email delivery by giving your MX record to sender’s server which is like an “address” of email host. So you can try sending a DNS query to dns servers for MX records.

You can use online nslookup tools like Zoneedit’s nslookup or network tools nslookup or if you want to try to lookup from your system, use “nslookup” command in Windows DOS (as shown here) and “dig” in Linux (shown here). If server doesn’t returns MX records, then try looking up for “SOA” on that server for your domain. You will probably find no SOA records which “technically” means that server isn’t hosting dns records for your domain. In real world it can be billing issues with host or accidential removal of domain. If you don’t see any SOA records, immediately contact web host via phone. If you are using any decent web host, you can expect things to be up within a couple of minutes. Otherwise I would recommend using any free dns host like editdns or zoneedit. Just signup for a free account with them, add your domain, and then DNS records (MX and A records) followed by change in name servers of your domain.

Email Hosting:

If your DNS server is returning MX records, you can proceed to the next part of chain – email hosting. If your MX records are OK and you are still not getting emails, your of email is likely bouncing and the bounced email will include the “cause” of the bounce back. It can be email account doesn’t exist or server is not accepting email. In most such cases, you would have to contact your email host for help and it can take a day or so to sort out the issue. The best thing you can do in such time is set up a temporary redirection – based email host to prevent bounce back.

You can use free email forwarders like zonedit or editdns to get all incoming emails forwarded to your personal gmail/yahoo account.

To setup forwarding – signup for a free account with provider, add your domain and setup email forwarding for all incoming emails.Then query the dns server of that host for MX records of your domain and set those MX records at existing dns hosting (to prevent hassle of shifting dns hosting).

Summary:

Happy hosting!

Hello all!

Few days back I visited Official Google Apps forum (one of my favorite places ) and answered many questions. It was quite after some time i was there and found few cases/questions/problems as really interesting.

Here’s one of the questions asked there by a admin named aol985 about SPF records.

His question -

As described in http://www.google.com/support/a/bin/answer.py?hl=en&answer=33786 , I set SPF record for mashfilm.ru domain to “v=spf1 include:aspmx.googlemail.com ~all”. But aspmx.googlemail.com currently does not resolves. Is it correct?

Nice one!

He is right on fact that aspmx.googlemail.com does NOT resolve. Ok why?

anurag@root]$ dig aspmx.googlemail.com a

; <<>> DiG 9.3.4-P1.1 <<>> aspmx.googlemail.com a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42050
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;aspmx.googlemail.com.          IN      A

;; Query time: 100 msec
;; SERVER: 66.33.216.208#53(66.33.216.208)
;; WHEN: Wed Aug  5 02:48:00 2009
;; MSG SIZE  rcvd: 38

[anurag@root]$

Thus no A record which means it won’t resolve, BUT one must remember that a zone can have many records working side by side offering their own feature, like – MX records can be there with/without A, same with txt records, and few other also.

Now observing the spf record by Google – “v=spf1 include:aspmx.googlemail.com ~all”

here include:aspmx.googlemail.com

means to include the spf record of aspmx.googlemail.com which makes sense as:

[anurag@root]$ dig aspmx.googlemail.com txt

; <<>> DiG 9.3.4-P1.1 <<>> aspmx.googlemail.com txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30134
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;aspmx.googlemail.com.          IN      TXT

;; ANSWER SECTION:
aspmx.googlemail.com.   7178    IN      TXT     "v=spf1 redirect=_spf.google.com"

;; Query time: 14 msec
;; SERVER: 66.33.216.208#53(66.33.216.208)
;; WHEN: Wed Aug  5 02:54:02 2009
;; MSG SIZE  rcvd: 82

[anurag@root]$

Now it means spf record for aspmx.googlemail.com is “v=spf1 redirect=_spf.google.com”

Now trying to understand _spf.google.com

underscore right in start makes it different from a sub-zone since it can’t be used as a domain but will still remain a working sub zone in terms of DNS.

So now since it can’t be used as a  sub domain i.e which can be used to be attached with web server and can supply pages via ftp, there is no meaning of A record for it here.

Checking txt string of _spf.google.com

[anurag@root]$ dig _spf.google.com txt

; <<>> DiG 9.3.4-P1.1 <<>> _spf.google.com txt
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52983
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;_spf.google.com.               IN      TXT

;; ANSWER SECTION:
_spf.google.com.        300     IN      TXT     "v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ?all"

;; Query time: 29 msec
;; SERVER: 66.33.216.208#53(66.33.216.208)
;; WHEN: Wed Aug  5 02:57:26 2009
;; MSG SIZE  rcvd: 229

[anurag@root]$

And here we got it!

So much information in just one hostname!

“v=spf1 ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 ?all” is a part of SPF record which Google makes its Google Apps users to use.

Thus using

“v=spf1 include:aspmx.googlemail.com ~all” in spf tells that “this domain allows all of the server on this ip range – ip4:216.239.32.0/19 ip4:64.233.160.0/19 ip4:66.249.80.0/20 ip4:72.14.192.0/18 ip4:209.85.128.0/17 ip4:66.102.0.0/20 ip4:74.125.0.0/16 ip4:64.18.0.0/20 ip4:207.126.144.0/20 as authorized to send email on behalf of that domain.

So that’s how spf works in this case.

(11 votes, average: 4.64 out of 5)

 Loading ...

I found a few great web hosts, which are really cheap yet reliable for Professional Website Hosting. So thought to put a review about them here.

Today will discuss – Bluelemonhost

Its one of the cheapest host i had seen on web, that too with cPanel and 99.9% uptime! 

I had used it personally & its really good.

Good things about it:
 

• Too cheap …basic plan costs $11/yr only.
   
• cPanel based panel….thus really cool to manage things.
   
• Great link speeds….as per my tests – uplink – 3.5MBps and downlink – 2.8MBps (though appears to be little slow…but believe me its far better then expensive Dreamhost!)
   
• Good support….always responses with “done/solved/ok”
   
• Daily free backups with free restoration (nice!)
   
• No irritating limits on number of sub domains, sql databases & users, ftp users and even mailing lists. 

Bad things about it:

• No ssh shell access (but i do accept its useless to give that in plan like $11 an year due to security reasons).
   
• No wget allowed (even via cron jobs) though good way out is just using ftp commands in shell but again that’s not for home users. 
   
• Irritating limit- in $11 plan you can host only 1 addon domain & parked domain.
   
• No great cPanels addons like website builder or templates. (though you won’t need those ever!)

I recommend it using just for personal blogs and small professional sites because of its cost, features it just provides really solid hosting for personal blogs but because of limitations i won’t recommend it for an advanced user.

Cheers!

After recieving lots of emails regarding SRV records issue in Google Apps, i finally tried that in myeslf……unfortunately thats true that Google has missing info. about SRV records.

As per refering to official Google’s help here .

It has missing info. about the location servers.

Here are those missing SRV records…

_xmpp-client._tcp.YOURDOMAIN.TLD. IN SRV 5 0 5222 talk.l.google.com.

_xmpp-client._tcp.YOURDOMAIN.TLD. IN SRV 20 0 5222 talk1.l.google.com.

_xmpp-client._tcp.YOURDOMAIN.TLD. IN SRV 20 0 5222 talk2.l.google.com.

_xmpp-client._tcp.YOURDOMAIN.TLD. IN SRV 20 0 5222 talk3.l.google.com.

_xmpp-client._tcp.YOURDOMAIN.TLD. IN SRV 20 0 5222 talk4.l.google.com.

so finally saying…..just forget everything and have these SRV records to get your domain’s Gtalk working from external IM services…

I created a public G.docs spreadsheet here for easy viewing.

Feel free to post for any issues…

FAQ ON GApps SRV Records

[faq list Google Apps SRV Records]

[faq ask Google Apps SRV Records]

Hope this will help you out

(16 votes, average: 4.44 out of 5)

 Loading ...

Glue records….i wonder WHY most of Engineers, DNS specialist call them as Advanced DNS stuff!

i totally disagree to it …..

as per me:

Glue records – MOST fundamental DNS record which actually start the lookup!

Lets understand how to come in basic scenario……

Observe two sites – harisri.in & anuragbhatia.com

There’s a basic difference in terms of DNS in both sites. Nameservers of harisri.in are ns1.anuragbhatia.com & ns2.anuragbhatia.com which belongs to a totaly seprate zone, but nameservers for anuragbhatia.com are ns1.anuragbhatia.com, ns2.anuragbhatia.com & so….. i.e domain is having nameservers which are sub zones of  domain itself.

Working of DNS in both cases

anuragbhatia.com
Query for ns starts:

ISP->Root servers-gtld servers->returing ns – ns1.anuragbhatia.com, ns2.anuragbhatia.com and so with ip’s 66.117.40.216, 69.26.176.28…….

and thus got ip of resolvers…..so work of DNS is over.

Now observe route for DNS lookup of harisri.in

Query for ns starts:

ISP->root server->cc tld server- in servers->returning ns – ns1.anuragbhatia.com & ns2.anuragbhatia.com

Now important here is nameservers are given in form of hostnames (NOT ip) and thus a lookup will continue for resolving ns1.anuragbhatia.com and so in way as

ns1.anuragbhatia.com – seprating ns1. and lookng for anuragbhatia.com, got nameservers – ns1.anuragbhatia.com, and ns2.anuragbhatia.com with ip’s and now on those dns servers query will ask for ip for ns1.anuragbhatia.com (confusing here? …yes i know!)

This means if we want to get ns for anuragbhatia.com we will get ns1.anuragbhatia.com & ns2.anuragbhatia.com with ip’s BUT if we want ns for harisri.in, we will get ns in hostnames and a seprate lookup will be done to resolve those hostnames and important is ….whenever a domain has nameservers of any other domain, then nameserver’s host names are resolved on dns of 2nd and NOT via glue records……..

Thus now we can understand glue records as the MOST fundamental dns records which provide glue for a hostname on root servers.

And interesting fact is glue records are on root servers and NOT dns servers, though we MUST have corresponding A records on DNS hosting for every glue record.

A more interesting thing about these records is these have many names as per different registrars…….some call it nameservers records, some call it child nameservers, some give it as option for registering nameservers etc.
Thus a nameserver woeks with three most fundamental records:

1. Glue records (on root server of that tld)
2. A records corresponding to glue on dns host
3. NS records at dns host for deligating zone on those specific servers.

FAQ

Are glue records essential part of DNS?

Yes! they are…..you can have your site working without any glue records but at the end the nameservers you are using must have glue, e.g you can have nameservers of your site as ns1.your-web-host.com and your-web-host.com might have namesevers dns1.nameserver.com and then namesevers.com will be having ns1.nameserver.com thus….at last glue is on ns1.nameserver.com

How many glue records one can create?

Its virtually infinite but you might experience issues becoz of registrar limits.

Glue records, much similar to A records, can i use them as substitute to A records?

No, no and NEVER think of that.It will not work, as i already said that we MUST have A records entries for every glue record, thus as general glue records without any a is virtually nothing.

I  guess reason for its not working can be to prevent load on root servers, like if that way is allowed then people might use too many glue records without giving any load on their dns servers!

I can’t see any option like glue records in my domain control panel. What to do?

Contact your registrar/reseller, if they can’t help then shift your domain to any other registrar like – name, aapkadomain etc.

Is it necessary to have glue records if i want to use hostnames as nameservers for domains?

Confusing question, for now my answer is yes. I have tried using hostnames on name.com and Direct i when i didn’t had any glue records, all worked fine but when i tried entering those as namesevers for a domain on eNom, it gave errors.
i had nameservers like ns21.anuragbhatia.com & ns22.anuragbhatia.com which have A entried on namserver hosting anuragbhatia.com itself. And finally when i provided glue to those nameservers, they worked fine with eNom also. Thus thats all depends on regitsrar’s policies, and it will be always better to have glue for nameserver records.

What will happen if we have un-matched set a record and glue records for a given hostname?

Nothing will wrk!

i mean to say you will get arbit results. In fact a few months back it took me 1hr to find out a similar issue where i get different ip for a hostname from different locations. So all i can say – be careful!!!