The EXPERTE.com DNS Check automatically determines the most important DNS entries of a domain and displays them clearly. In addition to the classic DNS entries, the DNS check also checks whether security features such as DNSSEC or DANE are used and whether e-mail validations such as SPF or DMARC are activated.
The DNS-Check currently checks the following records:
The A-Record assigns an IPv4 address to the domain.
The AAAA record assigns an IPv6 address to the domain.
The MX record specifies the domain name under which the mail servers of the domain can be reached.
The NS records specifies which name servers are responsible for the domain.
The SOA record specifies, among other things, which name server is the primary name server for this domain and contains a serial number of the zone.
Freely definable text can be stored in a TXT entry. It is often used for owner verification, SPF or DKIM.
A CNAME record is a reference to another domain name that serves as an alias for the original name.
In addition, the DNS-Check checks the following security features:
A CAA entry can be used to specify which Certificate Authority (CA) is authorized to issue an SSL Certificate for this domain.
A TLSA entry can be used to specify which certificates a client can trust (DANE).
With DNSSEC, a DNS user can verify that the received DNS data is identical to the original DNS data. This can prevent DNS spoofing.
With the Sender Policy Framework (SPF) you can define which IP addresses are allowed to send e-mails under the domain name.
DMARC determines what should happen to e-mails that do not fulfill certain policies (e.g. SPF).