Query all email-related DNS records in one comprehensive scan. See MX, SPF, DKIM, DMARC, and more.
DNS records are instructions that tell the internet where to send traffic for your domain. DNS stands for Domain Name System, and it works like a phone book for the internet, it translates human-readable domain names (like scaledmail.com) into IP addresses (like 192.168.1.1) that computers use to find each other.
Every domain has a set of DNS records stored on nameservers. When someone types your domain into a browser, sends you an email, or connects to any service on your domain, the first thing that happens is a DNS lookup. The requesting server checks your DNS records to figure out where to route that traffic.
If your DNS records are wrong, your website won't load, your email won't arrive, and your authentication will fail. That's why checking your DNS records regularly matters, especially if you rely on email for business.
The A record maps your domain name to an IPv4 address. This is the most basic DNS record, it tells browsers which server to connect to when someone visits your domain.
scaledmail.com. A 203.0.113.50MX records tell the internet which server handles email for your domain. The number before the server name is the priority, lower numbers mean higher priority.
scaledmail.com. MX 10 mail.scaledmail.com.TXT records hold free-form text data. Today they're mostly used for email authentication: SPF records define which servers can send email from your domain, DKIM records publish public keys for signature verification, and DMARC records set authentication failure policies.
scaledmail.com. TXT "v=spf1 include:_spf.google.com ~all"A CNAME record creates an alias, it points one domain name to another instead of directly to an IP address. Important: You cannot put a CNAME on your root domain. Only subdomains can use CNAME records.
www.scaledmail.com. CNAME scaledmail.com.NS records specify which nameservers are authoritative for your domain, the servers that hold your DNS records and answer queries. Most domains have at least two NS records for redundancy.
PTR records do the reverse of A records, they map an IP address back to a domain name. Many receiving mail servers check that the sending server's IP has a valid PTR record. Missing PTR records make your email more likely to land in spam.
Each DNS record has four parts: the name (which domain or subdomain it applies to), the type (A, MX, TXT, etc.), the value (IP address, server name, or text string), and the TTL (time to live, how long other servers can cache this record before re-checking).
Four types of DNS records work together to authenticate your email and tell receiving servers you're legitimate. Think of it as layers:
All four need to be set up correctly. Missing any one of them weakens your email deliverability. If you're sending cold email or running email at any real volume, this isn't optional, it's table stakes. Check yours with our SPF Checker and DMARC Checker.
You updated a DNS record but nothing changed? DNS changes don't take effect instantly. Other servers cache your old records based on the TTL value.
Fix: Wait. Most changes propagate within a few hours. If it's been more than 48 hours, something else is wrong. Pro tip: Lower the TTL to 300 seconds a day before making changes so they propagate faster.
The most common conflict: having two SPF TXT records. The SPF spec says you can only have one. Two SPF records means neither works, and all your email authentication fails silently.
Fix: Audit your TXT records. If you have multiple SPF records, merge them into one. If you have a CNAME alongside other records on the same subdomain, pick one approach.
If your email is landing in spam, check whether you're missing SPF, DKIM, or DMARC records. Missing authentication records is one of the most common reasons for deliverability problems.
Fix: Add the missing records. Use our SPF Checker, DMARC Checker, and Deliverability Checker to identify gaps.
You can't put a CNAME record on your root domain (e.g., yourdomain.com without any subdomain prefix). This is a technical limitation of the DNS specification.
Fix: Use an A record on your root domain instead. If your hosting provider requires a CNAME, switch to a DNS provider that supports CNAME flattening (like Cloudflare).
When you change a DNS record, servers around the world still have your old records cached. They won't check for updates until the cache expires based on the TTL value.
To check if changes are live, run a DNS lookup with this tool and check from multiple locations. On your own machine, flush the DNS cache, on Windows run ipconfig /flushdns, on Mac run sudo dscacheutil -flushcache.
At minimum, check after any DNS change to confirm it took effect. Monthly checks are a good practice for email-related records. Services can modify records without you noticing, and you want to catch problems before they affect deliverability. If you're running email at scale, weekly checks are better.
Yes. Multiple A records on the same domain is a common load-balancing technique called DNS round-robin. The DNS system rotates through the available A records, distributing traffic across multiple servers.
Add it back as quickly as possible. Because of DNS caching, some servers will still have the old record cached. The damage depends on the record type, deleted A records take your website offline, deleted MX records stop email delivery, deleted SPF records break authentication. Most DNS providers keep a change history you can reference.
A domain registrar is where you buy and renew your domain name. A DNS provider hosts your DNS records. They can be the same company, but they don't have to be. The NS records at your registrar tell the internet which DNS provider to use.
DNS propagation. After a change, servers in different locations update at different times depending on when their cached copy expires. This is normal and resolves itself within the propagation window.
If an attacker gains access to your DNS provider or domain registrar account, they can redirect your traffic, intercept your email, and impersonate your domain. Protect your accounts with strong passwords and two-factor authentication. Enable registrar lock on your domain and monitor your DNS records regularly.
At minimum: A records pointing to your web server, NS records (usually set automatically), and if you're using email, MX records plus SPF, DKIM, and DMARC TXT records. Getting the email authentication records right from day one is critical for building sender reputation.
DNS lookup adds a small amount of time to every connection, typically 20-120 milliseconds. Using a fast DNS provider (Cloudflare, Route 53, Google Cloud DNS) helps more than tweaking TTL values.
Your DNS records are the foundation of your email infrastructure. If anything looks off, dig deeper with our specialized tools:
Validate syntax and check for too many DNS lookups
DMARC Record CheckerCheck your DMARC policy and reporting configuration
Email Blacklist CheckerSee if your domain or IP is on any major blacklists
Email Deliverability TestComplete picture of your email health across all factors
Sender Reputation CheckerCheck domain and IP reputation across major providers
MX Record LookupVerify mail exchange records and server connectivity
If you're running cold email campaigns, DNS records are just the starting point. You need properly configured domains, warmed-up mailboxes, clean IP addresses, and ongoing monitoring to maintain high deliverability.
ScaledMail handles all of this for you. We set up and manage the entire email infrastructure. DNS records, authentication, warmup, rotation, and monitoring, so you can focus on writing emails that get responses.
See How ScaledMail Works