Common Errors When Creating DNS Records

Every day I deal with customers who need help because a change in the DNS zone of their domain did not work out as planned. To make sure the same doesn't happen to you, we discuss the most common mistakes.

The most common errors when creating or changing DNS records are duplicate or conflicting entries, such as multiple MX, SPF, or A and AAAA records. Depending on which services you want to connect to your domain, you either need to create new records or modify existing ones.

Typically, you create the DNS entries named by the provider from scratch if there were no comparable entries before, or change existing entries if you are switching providers: for example, A and AAAA records for linking a website, or MX records for mail.

If you are not sure what DNS records actually are, you should read this article first:
Everything You Need to Know About DNS Records - A Guide for Beginners

We will have a look at the following common mistakes:

  • Mistakes when creating MX records
  • Not creating the SPF record
  • Having multiple SPF records
  • Not also changing the AAAA entries when changing websites
  • Create CNAME while other entries exist for the same subdomain

Mistakes when creating MX records

One of the most common errors is creating MX records without removing those of the previous provider. This can lead to conflicts, because then several entries exist in parallel.

MX entries do have a so-called priority, which determines which entry is treated preferentially (the lower the number, the higher the priority), and this usually makes problems noticeable or avoids them, but it can still go wrong. A classic example is when the previous entry has a priority of 5 and the associated mail service is not deleted, perhaps because it is free, and the new provider tells you to create the new entry with priority 10.

Then you notice nothing and wonder why no mails arrive at the new provider.

The problem can be easily prevented by removing old MX records before or right after you have added the new ones.

Not creating the SPF record

Another common mistake when connecting the domain to a mail hosting service is not creating the provider's SPF record.

A missing SPF leads to mails ending up in spam or being rejected outright by the recipients, because the SPF (Sender Policy Framework) defines who is allowed to send mails for a domain.

It often happens that one only thinks of the MX entry, or that only the MX entry is mentioned. Some customers with whom I have spoken thought, out of ignorance, that the SPF is not important.

An SPF record is created as a DNS record of type TXT and starts with v=spf1, followed by include: + address of provider or IP and a strictness rule like ~all. You'll find another concrete example below.

Having multiple SPF records

If several non-identical entries are created that start with v=spf1, this is a conflict, because the recipient's mail server does not know which one should be interpreted.

Only one SPF may exist at a time. Therefore, the old SPF must be removed when a new mail service is connected.

Alternatively, you can include the old SPF into the new one by taking over the "include" part.

In the following image you can see what a combined SPF entry looks like:

How to combine various SPF records. Simply hit space between each include:...
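
The two SPF rules above as an added example, not part of the original article: find every TXT value that starts with v=spf1, then take over the old record's include: terms into the new one so that a single SPF remains. The TXT values, provider hostnames and function names are constructed for illustration, and the last SPF record in the list is assumed to be the new provider's.

```python
# Added example. TXT values and provider hostnames are constructed.
TXT_VALUES = [
    '"v=spf1 include:_spf.old-mail.example ~all"',
    '"site-verification=constructed-token"',
    '"v=spf1 include:spf.new-mail.example ~all"',
]

def spf_records(txt_values):
    """Return the TXT values that are SPF records (they start with v=spf1)."""
    found = []
    for value in txt_values:
        value = value.strip().strip('"')
        if value.lower().split(" ")[0] == "v=spf1":
            found.append(value)
    return found

def is_all(term):
    """True for the closing strictness rule: all, +all, -all, ~all, ?all."""
    return term.lstrip("+-~?").lower() == "all"

def combine_spf(new_record, old_record):
    """Take over the include: terms of old_record into new_record."""
    new_terms = new_record.split()[1:]
    body = [t for t in new_terms if not is_all(t)]
    closing = [t for t in new_terms if is_all(t)][:1]
    seen = {t.lower() for t in body}
    for term in old_record.split()[1:]:
        if term.lower().startswith("include:") and term.lower() not in seen:
            body.append(term)
            seen.add(term.lower())
    # The strictness rule of the new record stays last.
    return " ".join(["v=spf1"] + body + closing)

def fix_zone_spf(txt_values):
    """Return (number of SPF records found, single combined record)."""
    records = spf_records(txt_values)
    if not records:
        return 0, None
    combined = records[-1]  # assumption: the last one is the new provider's
    for old in records[:-1]:
        combined = combine_spf(combined, old)
    return len(records), combined
```

Each include: costs the receiving server a DNS lookup, and SPF evaluation allows at most 10 of them (RFC 7208), so only take over includes for services that still send mail for the domain.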

Change only the A, and not also the AAAA entries when changing websites

Often, when the hosting provider is changed, the entries of type A (or A records) are adjusted, but quite often there are also entries of type AAAA - which are forgotten.

If these are not changed, a situation arises in which the IPv4 addresses of the A records point to the new website and the IPv6 addresses of the AAAA records point to the old one. Depending on which IP address is preferred by the visitor's browser, some visitors will be directed to the new website or to the old one.

To prevent this, it should always be checked whether old AAAA entries exist that need to be changed or deleted. They should be deleted if there are no corresponding entries for the new website.

Create CNAME while other entries exist for the same subdomain

If you change the provider of your website, you may have to create a new CNAME record for the WWW variant of your domain, so that everything works properly.

In such cases, it often happens that the CNAME cannot be created in the DNS zone of the domain and an error is returned (by the way, we take a closer look at what a DNS zone is here).

In most cases, the problem is that there are other records (e.g. A records) for the WWW variant of your domain from the previous configuration. Since a CNAME is a redirect, it cannot coexist with other records for the same subdomain.

To solve the problem you just need to remove all other entries that exist for WWW.
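
The MX, AAAA and CNAME mistakes from the sections above can be checked mechanically before or after a provider change. The following is an added example, not part of the original article: it lints a zone against the values the new providers asked for. The zone data, hostnames, finding labels and function name are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed zone as (name, type, value); an MX value is "priority host".
ZONE = [
    ("example.com.", "MX", "5 mx.old-mail.example."),
    ("example.com.", "MX", "10 mx.new-mail.example."),
    ("example.com.", "A", "203.0.113.10"),
    ("example.com.", "AAAA", "2001:db8:0:1::10"),
    ("www.example.com.", "A", "198.51.100.7"),
    ("www.example.com.", "CNAME", "sites.new-host.example."),
]
# What the new providers asked for (constructed). No IPv6 address was given.
EXPECTED_MX = {"mx.new-mail.example."}
EXPECTED_WEB = {"203.0.113.10"}

def lint_zone(zone, expected_mx, expected_web):
    """Return (name, finding, detail) tuples for leftovers of the old setup."""
    web = {ipaddress.ip_address(a) for a in expected_web}
    by_name = defaultdict(list)
    for name, rtype, value in zone:
        by_name[name.lower()].append((rtype.upper(), value))
    findings = []
    for name, rrs in sorted(by_name.items()):
        types = {t for t, _ in rrs}
        if "CNAME" in types and len(rrs) > 1:
            # A CNAME cannot coexist with other records for the same name.
            others = ",".join(sorted(types - {"CNAME"}))
            findings.append((name, "CNAME_CONFLICT", others))
            continue
        mx = [(int(v.split()[0]), v.split()[1].lower()) for t, v in rrs if t == "MX"]
        wanted = [prio for prio, host in mx if host in expected_mx]
        for prio, host in mx:
            if host not in expected_mx:
                # Lower number wins: a leftover at or below the new priority
                # keeps receiving the mail.
                preferred = bool(wanted) and prio <= min(wanted)
                findings.append((name, "STALE_MX_PREFERRED" if preferred else "STALE_MX", host))
        for t, v in rrs:
            if t in ("A", "AAAA") and ipaddress.ip_address(v) not in web:
                findings.append((name, "STALE_" + t, v))
    return findings
```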

Now you are well prepared to avoid the most common mistakes when changing the DNS zone of your domain. However, if something goes wrong - after all, you don't mess around with your DNS zone every day - you can write to me or contact your support (especially if you're in a hurry, the latter should be your first choice).
