How to Check DNS Records: A Practical Guide for Developers

DNS — the Domain Name System — is the internet's phonebook. Every domain's DNS records determine where traffic goes, who handles email, and much more. Understanding how to read and query DNS records is an essential skill for any developer working with infrastructure, security, or fraud detection.

The main DNS record types

A record

Maps a domain to an IPv4 address. This is the most fundamental record — it's how example.com resolves to an IP your browser can connect to.

example.com.  A  93.184.216.34

AAAA record

The same as A, but for IPv6 addresses.

MX record

Mail Exchange — specifies which servers handle incoming email for the domain. Multiple MX records can exist with different priority values (lower = higher priority). Checking MX records is useful for:

• Validating that an email domain is real before sending
• Detecting which email provider a company uses
• Identifying domains that don't accept email (no MX = no inbox)

TXT record

Free-form text records used for many purposes, most commonly:

• SPF — v=spf1 include:_spf.google.com ~all — defines which servers are authorised to send email on behalf of the domain
• DMARC — v=DMARC1; p=reject; rua=mailto:... — email authentication policy
• Domain verification — Google, Stripe, and others ask you to add a TXT record to prove domain ownership

NS record

Name Server — identifies which DNS servers are authoritative for the domain. Useful for checking which DNS provider a domain uses (Cloudflare, AWS Route 53, etc.).

CNAME record

Canonical Name — an alias from one domain to another. www.example.com CNAME example.com means the www subdomain resolves through the root domain. Can't exist at the root/apex of a domain.

Why developers query DNS records

Email deliverability checks

Before sending to a new email address, check that the domain has MX records. No MX records = the address can't receive email = bounce guaranteed.

Security and phishing detection

Missing or suspicious SPF/DMARC records are a strong signal of a poorly configured or malicious domain. Phishing domains often lack proper email authentication.

Infrastructure discovery

DNS records reveal a lot about a company's tech stack — which cloud provider they're on, which email provider they use, which CDN fronts their traffic.

Certificate validation

ACME DNS-01 challenges (used by Let's Encrypt) require adding a TXT record to prove domain control during SSL issuance.

Querying DNS records via API

Rather than parsing raw DNS responses, you can get all record types in one structured call:

GET https://api.resolvdns.net/domain/github.com/dns
X-API-Key: zr_your_key

Response:

{
  "A": ["20.26.156.215"],
  "AAAA": null,
  "MX": ["github-com.mail.protection.outlook.com"],
  "NS": ["dns1.p08.nsone.net", "dns2.p08.nsone.net"],
  "TXT": ["v=spf1 ip4:192.30.252.0/22 include:_netblocks.google.com ~all"],
  "CNAME": null
}

TTL and caching

Every DNS record has a TTL (Time To Live) — the number of seconds resolvers should cache the record before re-querying. Low TTLs (60–300 seconds) allow quick changes during migrations. High TTLs (86400 = 24 hours) reduce DNS query load. ResolvDNS caches responses for 1 hour to balance freshness and performance.