DNS records file for HelioHost servers

[Kairion]

If your domain's DNS is hosted elsewhere (you are not using HelioHost nameservers: ns1.heliohost.org and ns2.heliohost.org) and your service provider supports importing Bind zone text files, you can use one of these attached files to automatically create A, AAAA, and CNAME records for Tommy and Johnny.

 

What do these files do?

When you import them to your DNS service provider, it will:

• Add an A record pointing your base domain (e.g. yourdomain.com) to the correspondent HelioHost server.
• Add an AAAA record pointing your base domain (e.g. yourdomain.com) to the correspondent HelioHost server.
• Add a CNAME record pointing your subdomain www (e.g. www.yourdomain.com) to your base domain (e.g. yourdomain.com).
• Add an MX record pointing to your domain (yep, your domain is your host, at least if you use HelioHost servers for that purpose).
• Add a simple TXT record for SPF, allowing only your account's server to handle your emails (if you also use other systems, it has to be changed to include all your servers, or else your emails will fail SPF and DMARC validations).
• Add a basic (and honestly useless) DMARC record. If you only want emails to work, that will do. If you desire to manage your mail system, read about DMARC policies and update them accordingly.
• You can get your DKIM record from your Plesk panel. Log into it, click on Mail, Mail Settings, select your domain, check the "Use DKIM spam protection system to sign outgoing email messages" option, and click on Apply. After the page reloads, go down to that checkbox again, and on its right side, you will see the link "How to configure external DNS". Click on it and add both records it generated for you.

 

How do I use them?

Download the file correspondent to your account's server, open it with notepad (or another basic text file editor), and press CTRL+H (Replace). On Find write the dummy text yourdomain.com and on Replace insert your base domain (i.e. without www), and click on Replace all. Save and close your file. If needed (e.g. IP addresses on the Plesk panel different than in your server's text file here), use Replace to change them as you did with your domain. Here is an example:

 

Now go to your DNS provider and import your text file into it (if you do not know how to do that, either ask your DNS provider customer support or post in this section and our community may help you.

 

IMPORTANT: At least on Cloudflare service, these records do not overwrite preexistent ones, so if you already have any or all of the mentioned records, you have to delete them before importing one of these files, or else you will get duplicate records, thus messing your DNS and giving you a headache. Please also be warned that due to the nature of IP4 and IP6 SPF mechanisms and how Cloudflare work, it is not possible right now to keep your IP addresses hidden. Be sure it is not a problem for you. If it is a problem, you should start looking into SMTP relays.

 

It would be possible to include email-related records, but since some email records require (or could have, if one so desires) customization, at least for now, I didn't write a Bind zone text file for them. Also, I have not written a text file for Ricky because it is impossible to sign up for an account on it now, though as soon as it gets rebuilt, I will update this topic to include a file for its records.

 

add_tommy_records.txt add_johnny_records.txt

[wolstech]

Nice.

Can you add the SPF and MX to these as well? Email won't work otherwise. Also, with Tommy the A record can vary as Tommy uses multiple IPs to help protect against DDoS. The user needs to get the IP for their domain from plesk.

[Kairion]

Sure, files were improved to include MX, SPF, and DMARC records.

I included SPF records allowing IP addresses, but per SPF's RFC, it is possible (and it would be easier and clearer) to determine the web server or the mail server ("a" and "mx" mechanisms), thus even if its A and AAAA records are changed, it wouldn't be necessary to alter the SPF record too.

Unfortunately, Google seems to have some unwritten rules against their use, which led me to use the IP4 and IP6 mechanisms.

Another alternative would be if HelioHost had an "include" address, e.g. _spf.heliohost.org, listing all Tommy's, Johnny's, and Ricky's IP addresses (or IP blocks), and all users would only add to their DNS records something like that:

v=spf1 include:_spf.heliohost.org ~all

The obvious downside: they'd be allowing all those IP addresses to send emails on behalf of their domains, which could be somehow prevented with a different implementation, e.g. _tommy.heliohost.org (listing all possible Tommy IP addresses), _johnny.heliohost.org, _ricky.heliohost.org and it would go on.