DNS Configuration Howto

This is a tutorial on basic DNS configuration (I'll use a couple of my domains as examples).

Summary:

Step 1: Configure NS/SOA records.

This is done at the registrar for the domain, and these records should point at the authoritative nameservers for the domain (in this case ns.rackspace.com and ns2.rackspace.com):

    transcendlinux.com. IN NS ns.rackspace.com.
    transcendlinux.com. IN NS ns2.rackspace.com.

Step 2: Configure the A record(s).

You will need one for the primary IP for the domain:

    transcendlinux.com. IN A 66.216.86.219

And one for any mail domain that will be used as an MX record (more on this in a sec). Since I use another domain for mail for this domain, I don't need another A record here.

Step 3: Configure CNAME records.

For every subdomain other than the aforementioned exception, you'll need a CNAME record. Here are the CNAMEs for transcendlinux.com:

    mail IN CNAME mail.wackyfunster.com.
    ftp IN CNAME transcendlinux.com.
    www IN CNAME transcendlinux.com.

You'll notice I have 3 CNAME records: ftp.transcendlinux.com and www.transcendlinux.com (both of which are CNAMEs for transcendlinux.com), and mail.transcendlinux.com, which is a CNAME for mail.wackyfunster.com. This brings us to:

Step 4: Configure MX records.

Every domain SHOULD have an MX record pointing to whatever domain handles its mail. If a domain doesn't have one, then delivery should default to the domain.com A record; however, there is no absolute guarantee of RFC compliance in every application, so it is highly recommended that you have an MX record. In this case:

    transcendlinux.com. IN MX 10 mail.wackyfunster.com.

Because my mail is handled by mail.wackyfunster.com, I need an MX record for that domain. However, even if this domain was handling its own mail, it should have an MX record. Let's look at wackyfunster.com:

    wackyfunster.com. IN MX 10 mail.wackyfunster.com.
It also has an MX record pointing to mail.wackyfunster.com, which in turn:

    mail IN A 66.216.86.216

is an A record. There is also an A record for:

    wackyfunster.com. IN A 66.216.86.216

and some CNAME records, including:

    partytime IN CNAME wackyfunster.com.
    www IN CNAME wackyfunster.com.
    ftp IN CNAME wackyfunster.com.

Step 5 (semi-optional): Configure PTR/reverse DNS records.

I say "semi-optional" because, while not strictly necessary, many mailservers will reject mail from domains that don't have a proper PTR record configured! Needless to say, if you want your server to handle mail, you need one of these! The thing to note is that a PTR record applies to an IP address, rather than a domain name, so unless you are handling your own DNS, you may need to contact your DNS provider to have this set. If we look at wackyfunster.com's IP (66.216.86.216) we see:

    # host -t PTR 66.216.86.216
    216.86.216.66.in-addr.arpa domain name pointer partytime.wackyfunster.com.

Best practice would probably be to have the IP reverse to wackyfunster.com or mail.wackyfunster.com, but that's not as much fun.

Step 6 (optional): Configure a TXT record for SPF.

SPF is "a sender policy framework to prevent email forgery." Basically, it is a TXT record that specifies which domains should be able to send mail through a mail server. While not strictly necessary, many major mail providers such as Gmail, Hotmail, and Yahoo look at this when classifying mail as spam, and it is becoming increasingly important, so I recommend setting this up. Doing so is easy, via a free web-based tool at openspf.org. Here's an example:

    wackyfunster.com. IN TXT "v=spf1 a a:wastingyourlife.com a:wackyfunster.com a:rackspace.com a:transcendlinux.com ~all"

You can see that the following domains are allowed to send mail through this server: wastingyourlife.com, wackyfunster.com (this entry is redundant with the 'a' entry), rackspace.com, and transcendlinux.com. The ~all indicates that no other domains are allowed to send mail through this mail server.
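
An added example (not part of the original tutorial) showing how a receiving server evaluates the record above under RFC 7208: each `a` mechanism authorizes the IP addresses that name resolves to, and a sender matching none of them falls through to `~all`, which returns softfail rather than a hard fail. The `check_spf` function and the `A_RECORDS` lookup table are assumptions made for this example; the 192.0.2.x addresses are constructed placeholders, since the page gives no IPs for those two domains.

```python
import ipaddress

# The SPF record from the page.
SPF = ("v=spf1 a a:wastingyourlife.com a:wackyfunster.com "
       "a:rackspace.com a:transcendlinux.com ~all")

# Offline stand-in for DNS A lookups. The 66.216.86.x addresses are from the
# page; the 192.0.2.x ones are constructed (documentation address range).
A_RECORDS = {
    "wackyfunster.com": ["66.216.86.216"],
    "transcendlinux.com": ["66.216.86.219"],
    "wastingyourlife.com": ["192.0.2.10"],
    "rackspace.com": ["192.0.2.20"],
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(record, domain, sender_ip, resolve=A_RECORDS.get):
    """Evaluate the 'a' and 'all' mechanisms of an SPF record, left to right.

    Returns (result, matched_term). Mechanisms other than a / a:<name> / all
    (mx, ip4, include, CIDR suffixes) are not handled and yield 'permerror'.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none", None
    ip = ipaddress.ip_address(sender_ip)
    for term in terms[1:]:
        qualifier, mech = "+", term          # no prefix means '+' (pass)
        if term[0] in QUALIFIERS:
            qualifier, mech = term[0], term[1:]
        name, _, arg = mech.partition(":")
        name = name.lower()
        if name == "all":                    # always matches; ends evaluation
            return QUALIFIERS[qualifier], term
        if name != "a":
            return "permerror", term
        # Bare 'a' checks the domain being evaluated; 'a:<name>' checks <name>.
        addrs = resolve(arg or domain) or []
        if any(ipaddress.ip_address(a) == ip for a in addrs):
            return QUALIFIERS[qualifier], term
    return "neutral", None                   # no mechanism matched, no 'all'


if __name__ == "__main__":
    for sender in ("66.216.86.216", "66.216.86.219", "203.0.113.5"):
        print(sender, check_spf(SPF, "wackyfunster.com", sender))
```

Swapping `~all` for `-all` in the record turns the last result from softfail into fail, which is the setting that tells receivers to reject unlisted senders outright.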
Submitted by jkelly on Sun, 2006-08-27 01:47. categories [ DNS / BIND | Tutorial ]