Warning:
DNS can be a confusing and complicated system. If you get something wrong in your set up, your email may start bouncing, or your website might stop working, and it can take hours or days to fix. For that reason, unless you understand what you're doing, or have been instructed explicitly by someone who knows what they're doing, we recommend that you don't modify the DNS for your domain.
DNS (Domain Name System) is the system used on the internet to translate domain names (e.g. www.example.com
, fastmail.com
, etc.) to actual machines to contact. The process of converting a domain name to a machine to contact is called a "lookup".
Each domain can have multiple different result types for a lookup, called "record types". The three most common record types are NS records, A records, and MX records.
- NS (name server) record lookups are used to work out what machine to contact for other record lookups. Generally when you register a domain, you need to specify the name servers to use for that domain, which are then used for all other record lookups.
- A (address) record lookups are used when you want to visit a website for a given domain (e.g.
http://www.example.com
). Each A record lookup returns an IP address which identifies a specific machine on the internet to contact to get the webpage. - MX (mail exchanger) record lookups are used when you want to send email to a given domain (e.g.
user@example.com
). Each MX record lookup returns a list of mail exchanger machines to contact to deliver email for the domain to.
DNS also allows other record types which are used for less commonly used services. We support adding custom DNS entries of the following types: A, AAAA, CNAME, LOC, MX, NAPTR, NS, SRV, SSHFP, TXT.
At this time, we do not support DNSSEC.
Default DNS records
If you don't specify custom DNS settings for a domain, then our name servers will publish a set of records for your domain. These can be viewed on the web interface by going to Settings → Domains, and then clicking Show DNS settings.
The default records we publish are suitable for most users' needs, but can be edited.
- All email for your domain (and subdomains) is directed to our servers.
- Web access for your domain (and subdomains) can be pointed to files in your file storage area.
- You can log in to your webmail at
http://mail.yourdomain.com/
. - Your mail is signed using DKIM.
- Email, calendar, and contacts clients can automatically discover their settings for your domain.
A full list of our default DNS records.
Custom DNS records
If you know exactly what you want to do, then the domain settings screen will let you create DNS A, MX, etc. records for your domain or subdomains, letting you specify exactly what DNS records to publish for the domains you have set up at Fastmail.
This lets you:
- Have email for your domain delivered directly to our servers, but have your website hosted somewhere else.
- Have email delivered to our servers, but set up a backup email server at another host.
- Have the website
www.yourdomain.com
hosted in your file storage area, but have the websiteblog.yourdomain.com
hosted on another server.
Setup
Follow our domain set up instructions, Once this is done, we will publish default DNS records (see above) for your domain. You can then go to Settings → Domains, edit your domain, and change the DNS records for your domain to whatever you want. Currently we support creating A, MX, CSV, CNAME, SRV, TXT and SPF records. We may add more in the future.
Wildcard DNS records
Fastmail supports wildcard DNS records for subdomains using the standard *
placeholder.
Note that wildcards only work for an entire subdomain. You can have *.mydomain.com
, but you can't have abc*.mydomain.com
.
If you specify a wildcard sub-domain, it's like a fallback value, and any specific entries you provide will override the wildcard. For example, if you have *.mydomain.com
, and also specify a record for abc.mydomain.com
, then the abc.mydomain.com
will be used when doing a DNS lookup on abc.mydomain.com
. The *.mydomain.com
record will be ignored.
Be aware that a specific entry for a sub-domain will override ALL records for that sub-domain. So if you have A and MX records for *.mydomain.com
, and you specify just an A record for abc.mydomain.com
, then there will be no MX records for abc.mydomain.com
. If you want MX records, you must also specifically add them.
Setting DNS for websites hosted outside Fastmail
If you have a website hosted at an external webhosting service, you need to add an entry to the DNS records for your domain to point to this service. Some website hosting providers only give you a CNAME record to point your domain to, not an IP Address.
IP Address web host
- Go to the Settings → Domains screen.
- Choose the domain you want to edit.
- Disable the default A rule for
yourdomain.com
if this is where your website is hosted. If your website will be hosted at a subdomain such asblog.yourdomain.com
, you can leave the default in place. - Add a new A rule using the IP address given to you by your web host.
CNAME only web hosts
Some website hosting places will only give you a CNAME record to point your domain to, not an IP address. This is trickier to set up and you have to be careful.
The core rule is: never set a CNAME record for your top-level domain (example.com), as this will break email delivery for your domain.
Instead, do this:
- Add a CNAME record for
www.example.com
(remember, thewww
is important) with the value set to your web hosting provider's server name. - Use the Files → Websites screen to create a redirect from
http://example.com
tohttp://www.example.com
, using the "Publish As" functionality.
This means anyone going to http://www.example.com
will directly access your web host's server, and anyone going to http://example.com
will be redirected by us to http://www.example.com
.
Redirections
If the service you want to use doesn't support a custom domain, you can use a redirect instead to send users who go to http://blog.yourdomain.com
to the hosted service (e.g. http://blog.bloggingservice.com
).
To do this, go to the Files → Websites screen and in the Create Website section at the bottom, choose Redirect to external site in the "Publish as" section.
DNS TTL (time to live) times
DNS entries have a TTL (time to live) value associated with them, which tells systems how long they can use a DNS value before checking again where the host machine is for a domain.
When you change the DNS nameservers or MX records for your domain, it can take a while before the new values are recognized everywhere. Usually TTL values are something like 10 minutes or an hour, but it can be many days. Once a system has cached a value, there's no way to force it to be cleared, you just have to wait the TTL time for the entry to expire.
Generally this isn't a problem, but it can be worth checking the TTL times on your existing DNS entries at your current DNS host before you change them to us. One way to ensure that the change over is fast is to do the following:
- Log in to your existing DNS provider.
- Check the current TTL time for your domain (either NS or MX records depending on what you're changing) and note this down.
- Change the TTL time for your domain to five minutes.
- Now wait for the old time-to-live you noted in step two. This will ensure that the old value expires from all caches on the internet, and any new lookups have the new TTL value.
- Make the DNS changes you want (e.g. change the nameservers to point to us).
- Wait five minutes (as per the TTL value you set in step 3) for all caches on the internet to have the new values.
- Increase the TTL times on your domain again to improve overall performance.