Since I set up contact forms on various websites I’ve had a slowly increasing volume of spam. Not direct spam sent to me, but bounces from non-existent addresses that were being spamme, apparently from my address. Unfortunately the spam wasn’t originating from my address, but my address was somehow picked up (probably from before I secured the contact forms on the site) and was being used as the “reply to” address. After some investigation I heard about SPF which is an e‑mail anti-forgery system.
میں نے اپنا ڈومین نام پر SPF ریکارڈ قائم کئے ہیں (which I use as my primary e‑mail) then mail servers that support SPF will check that any e‑mail they receive with my address as the “from” or “reply to” address did actually come from my mail server. If it didn’t the server will clearly identify the mail as spam and will discard it without sending me an annoying bounce message. DKIM is similar and effectively aims to achieve the same thing. Finally, DMARC is a new system which standardises the behaviour of both SPF and DKIM and also generates reports of any e‑mails which are not delivered instead of you getting bounce messages. No system is perfect but DMARC (and therefore DKIM and SPF) are supported by Yahoo, AOL, مائیکروسافٹ, Facebook and Google. Between them they account for a large proportion of the e‑mail “market” so to speak.
ہجرت کے لئے کس طرح DNS provider to Amazon Route 53
آپ کو ایک کی ضرورت کے لئے جا رہے DNS provider (in most cases your registrar) that supports SPF, Dki میں ریکارڈز dmarney کرنے. مائن (123-REG) doesn’t support DKIM so I decided I would have to look to move. However, میں نے ماضی کے لئے 123-REG کے ساتھ بہت خوش کیا گیا ہے 9 years and moving to a new registrar didn’t appeal. Instead I decided to simply move my DNS servers to a different DNS provider. Amazon provide a DNS service as one of their web services called “Route 53”. Whilst this isn’t free it is based on a “pay for what you use” model, and I anticipate it costing me under £10 a year. As an added bonus Amazon’s DNS service is much faster than that of a typical registrar and so will speed up site access times.
- Sign up for Amazon web services. You will have to provide a credit card, and verify your ID — in my case I did this by automated phone call which took under 1 منٹ
- لاگ ان کریں AWS Management Console
- Click on the link in the AWS console to open the روٹ 53 کنسول
- Create a “hosted zone” for your domain
- Go to the record sets of the hosted zone
- In a new window (یا ٹیب) log in to your current registrar and have a look at your existing DNS ریکارڈز.
- Switch back to Route 53
- Create any DNS اندراجات آپ کی ضرورت ہے, probably by duplicating what you see in your current settings with your registrar
- کا ایک نوٹ بنائیں 4 name servers (ٹائپ NS)
- Switch back to your registrar’s control panel / console and change your name servers to the 4 تم میں کا ایک نوٹ بنا دیا #6.
This should complete the basic DNS migration from your registrar to Amazon Route 53. It might take up to 48 hours to fully propagate through the DNS system but I found it was almost instant for me. As long as you created all the records you need (probably by duplicating what you had set up previously on your registrar) you shouldn’t see any interruption of service.
SPF انسٹالیشن, Dki کی روٹ پر dmarney کرنے 53 for Google Apps e‑mail
I manage my e‑mail through Google Apps. Setting up e‑mail authentication on Google apps is fairly straightforward.
- یقین ہے کہ آپ کے روٹ میں لاگ مکمل کر چکا ہے 53, and open the hosted zone for the domain you wish to create records for
- You will create 4 records — 2 SPF, 1 Dki میں 1 DMARC. 1 SPF record will be a special “SPF” type of record, the other 3 اقسام تمام TXT ریکارڈز ہو جائے گا
- Both SPF records will contain the text “v=spf1 include:_spf.google.com ‑all”, including the ” marks. Remember to set one as type TXT and one as type SPF
- DMARC کی ریکارڈ قیمت "V = DMARC1 پڑے گا; P = سنگرودھ; PCT = 100; Rua کی = میل بنام:you@your-domain.com", اور نام _dmarc پڑے گا. آپ تبدیل یقینی بنائیں you@your-domain.com to the address you want DMARC reports sent to. You can also change some of the properties, وہاں ایک گوگل کی طرف سے کی رہنمائی which will help you decide what properties you wish to use.
- آخر, the DKIM record is the most complicated and requires some information from google which is specific to your domain…
- Log in to your google domain administrator panel at https://www.google.com/a/cpanel/پرائمری ڈومین کا نام — remember to change پرائمری ڈومین کا نام آپ کے ڈومین نام کے لئے
- Click on “advanced tools” and scroll down to the bottom, and click on “Set up email authentication (DKIM)"
- Make sure the correct domain is selected in the pull-down box (you probably only have 1 ڈومین) and click on “generate new record”
- Enter a prefix if you want one — I just used “google” and click generate
- In the box that displays there is the record you need to enter at your registrar along with the hostname
- TXT ریکارڈ قدر کاپی کریں اور کا ایک نوٹ بنانے DNS میزبان نام
- Switch back to Route 53
- Create the final (4ویں) new record — give it the name of the DNS Host Name you made a note of. Give it the value you copied from the TXT record value — remember to put the value inside “” marks
- Wait a few minutes and then click “Start Authentication”. If successful you’ll see “Status: Authenticating email"
- آپ پر منحصر انتظار کرنا پڑ سکتا 24 کے لئے گھنٹوں DNS to propagate so that you can start authentication, but generally it should happen pretty quickly
For another take on this process I recommend 2 articles by Christopher Maish — the first on SPF اور Dki میں, دوسرا DMARC. اچھی قسمت!
“Hi James I realise it has been a long while, but I just checked this on windows 11 (build 23H2)…”