Description
This article will show how to use the DiG application to verify if the Service Provider has configured correctly his DNS records
Required Tool
DiG (BIND 9.16.28) |
How to Install (Windows 10)
Download the file
Extract the ZIP file that you downloaded
Open the folder and run BINDInstall.exe with administrative rights
MS defender will warn you that this file is unrecognized.
Click in More info
Then click on Run anywayAdd these informations:
Service Account Name: named
Service Account Password: Generate Here
Confim Service Account Password: Same used above
Note: This password is not required to use the application, but save it somewhere, just in case
Tick the checkbox Tools Only
Then click on Install Button
It will automatically install Microsoft Visual C++ 2017
Once finished installation a popup will be shown, click on OK button
Click on Exit button
Click on the windows start button, type "variables" and click on the bet match.
A System Properties window will open, click on Environment Variables button
Under Systems Variables, double click on Path entry
An edit environment variable window will open, click on New button
Paste this path: C:\Program Files\ISC BIND 9\bin, hit Enter key and click OK
Click OK again
Click OK again
Installation completed.
How to open the Command Prompt
How to verify if SP configured DNS record A
Find your Service provider and click on Edit button
Scroll down to TrustTrack2 parameters
Copy the Domain name set on Trust Track 2
Open the Command Prompt
Type the following command: dig <domain> A
Using as an example the domain: web.promatix.com.br
The command to be typed would be:
dig web.promatix.com.br A
Hit Enter keyUnder ANSWER SECTION, it will return the current IP configured as Record A
The IP must be 92.62.134.114
Note: This IP is from our Trust Track web application, which is different from our Server IP(92.62.134.34) configured in Device Center
There is another option as well to only show the IP address as the response from the command. If you would like to use it, just append +short to the aforementioned command.
As an example, it would be like this:
dig web.promatix.com.br A +short
Important note: If the client just changed this configuration on their domain DNS record, it can take up to 72 hours (usually it is fast), in order for that change to reflect on the internet. As the new configuration needs to be broadcasted to all DNS servers all over the world, it can take some time for all servers to catch up on this new parameter.
Video explanation (DNS Propagation): https://www.youtube.com/watch?v=Gr8RzCZWh5M
How to verify if SP configured DKIM and SPF
Find your Service provider and click on Edit button
Scroll down to TrustTrack2 parameters
Copy the text after the @ from the email address set on set on Trust Track 2
In this example, it will be traqd.co.uk
Open the Command Prompt
Type the following command dig <domain> TXT
Using as an example the domain: traqd.co.uk
The command to be typed would be:
dig traqd.co.uk TXT
Hit Enter keyUnder ANSWER SECTION it will return all records set to TXT record type, look for entries with v=DKIM1 and v=SPF1
There is another option as well to only show only the entries as the response from the command. If you would like to use it, just append +short to the aforementioned command.
As an example, it would be like this:
Video explanation (DKIM and SPF): https://www.youtube.com/watch?v=8V2nfKLzc84
The DNS records with the DKIM and SFP information are required to ensure the proper delivery of emails from the Trust Track application. Without these records most email systems will reject the emails from the Trust Track application as SPAM and your customers will not be able to receive event notifications and similar messages from the Trust Track application on your service provider domain's behalf.