
Recently I had an error with a domain SMTP server not recognising port 587. To begin testing what was happening, I wanted to get some key information about the server. My tool of choice was the dig command. Using the dig command:

dig codebales.com

This is how to read the results of a DNS lookup run from Terminal with the dig command. The command above causes dig to look up the A record for the domain name codebales.com, or whatever name you enter. To do this, dig starts by reading your /etc/resolv.conf file and querying the DNS servers listed there. The response to that query is what dig displays:

; <<>> DiG 9.10.6 <<>> codebales.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44185
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;codebales.com.     IN  A

;; ANSWER SECTION:
codebales.com.    85437 IN  A 103.23.154.149

;; Query time: 35 msec
;; WHEN: Tue Dec 01 16:33:53 AEDT 2020
;; MSG SIZE  rcvd: 58

Lines beginning with ; are comments that are not part of the information received from the DNS server.  However, they do reflect some of the low-level protocol used in making the query.

The first two lines provide the dig version (9.10.6), the command line parameters (codebales.com) and the query options (+cmd). The +cmd option means that the command section (the name given to these first two lines) is printed. You can turn it off by using the option +nocmd.

The bulk of the response is commentary.  Only the answer section tells us that codebales.com has the IP address 103.23.154.149.
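The split between `;` commentary and record lines described above can be used in scripts. This is an added example, not part of the original post: the function names `dig_summary` and `sample_dig_output` are made up for illustration, and the sample input is an abridged copy of the output shown above.

```shell
#!/bin/sh
# Added example: summarise saved dig output instead of reading it by eye.

# dig_summary: read full dig output on stdin and print
#   status=<rcode> flags=<flags> answers=<n>
# then one "name ttl type data" line per record in the ANSWER section.
dig_summary() {
    awk '
        /^;; ->>HEADER<<-/ {                 # carries the response code
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
            next
        }
        /^;; flags:/ {                       # flags end at the first ";"
            flags = $0
            sub(/^;; flags: */, "", flags)
            sub(/;.*/, "", flags)
            gsub(/ +/, ",", flags)
            next
        }
        /^;; [A-Z]+ SECTION:/ { section = $2; next }
        /^;/ || /^[ \t]*$/ { next }          # commentary and blank lines
        section == "ANSWER" {
            data = $5
            for (i = 6; i <= NF; i++) data = data " " $i
            rec[++n] = $1 " " $2 " " $4 " " data
        }
        END {
            printf "status=%s flags=%s answers=%d\n", status, flags, n
            for (i = 1; i <= n; i++) print rec[i]
        }
    '
}

# Abridged copy of the dig output shown above, used as offline sample input.
sample_dig_output() {
    cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44185
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;codebales.com.     IN  A

;; ANSWER SECTION:
codebales.com.    85437 IN  A 103.23.154.149

;; Query time: 35 msec
EOF
}
```

With a live query, `dig codebales.com | dig_summary` gives the same summary; a status other than NOERROR or an answer count of 0 is the first thing to check when a lookup misbehaves.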

If you only want the IP address, you can cut down the output by using the +short option:

dig codebales.com +short

which will drastically cut the output to:

103.23.154.149

 


Different types of DNS records

You can look up other details besides the A record.  Note that by default dig looks for the A record of the domain specified. The MX or Mail eXchange record tells mail servers how to route the email for the domain. You can examine your MX records using dig like this:

dig codebales.com mx

I used dig to look up the SMTP details of a site that I was working on.

 

Options available

If you want to see a complete list of dig options, then use the command

dig -h

You will see output similar to:

Usage:  dig [@global-server] [domain] [q-type] [q-class] {q-opt}
            {global-d-opt} host [@local-server] {local-d-opt}
            [ host [@local-server] {local-d-opt} [...]]
Where:  domain   is in the Domain Name System
        q-class  is one of (in,hs,ch,...) [default: in]
        q-type   is one of (a,any,mx,ns,soa,hinfo,axfr,txt,...) [default:a]
                 (Use ixfr=version for type ixfr)
        q-opt    is one of:
                 -4                  (use IPv4 query transport only)
                 -6                  (use IPv6 query transport only)
                 -b address[#port]   (bind to source address/port)
                 -c class            (specify query class)
                 -f filename         (batch mode)
                 -i                  (use IP6.INT for IPv6 reverse lookups)
                 -k keyfile          (specify tsig key file)
                 -m                  (enable memory usage debugging)
                 -p port             (specify port number)
                 -q name             (specify query name)
                 -t type             (specify query type)
                 -u                  (display times in usec instead of msec)
                 -x dot-notation     (shortcut for reverse lookups)
                 -y [hmac:]name:key  (specify named base64 tsig key)
        d-opt    is of the form +keyword[=value], where keyword is:
                 +[no]aaonly         (Set AA flag in query (+[no]aaflag))
                 +[no]additional     (Control display of additional section)
                 +[no]adflag         (Set AD flag in query (default on))
                 +[no]all            (Set or clear all display flags)
                 +[no]answer         (Control display of answer section)
                 +[no]authority      (Control display of authority section)
                 +[no]besteffort     (Try to parse even illegal messages)
                 +bufsize=###        (Set EDNS0 Max UDP packet size)
                 +[no]cdflag         (Set checking disabled flag in query)
                 +[no]cl             (Control display of class in records)
                 +[no]cmd            (Control display of command line)
                 +[no]comments       (Control display of comment lines)
                 +[no]crypto         (Control display of cryptographic fields in records)
                 +[no]defname        (Use search list (+[no]search))
                 +[no]dnssec         (Request DNSSEC records)
                 +domain=###         (Set default domainname)
                 +[no]edns[=###]     (Set EDNS version) [0]
                 +ednsflags=###      (Set EDNS flag bits)
                 +[no]ednsnegotiation (Set EDNS version negotiation)
                 +ednsopt=###[:value] (Send specified EDNS option)
                 +noednsopt          (Clear list of +ednsopt options)
                 +[no]expire         (Request time to expire)
                 +[no]fail           (Don't try next server on SERVFAIL)
                 +[no]identify       (ID responders in short answers)
                 +[no]idnout         (convert IDN response)
                 +[no]ignore         (Don't revert to TCP for TC responses.)
                 +[no]keepopen       (Keep the TCP socket open between queries)
                 +[no]multiline      (Print records in an expanded format)
                 +ndots=###          (Set search NDOTS value)
                 +[no]nsid           (Request Name Server ID)
                 +[no]nssearch       (Search all authoritative nameservers)
                 +[no]onesoa         (AXFR prints only one soa record)
                 +[no]opcode=###     (Set the opcode of the request)
                 +[no]qr             (Print question before sending)
                 +[no]question       (Control display of question section)
                 +[no]recurse        (Recursive mode)
                 +retry=###          (Set number of UDP retries) [2]
                 +[no]rrcomments     (Control display of per-record comments)
                 +[no]search         (Set whether to use searchlist)
                 +[no]short          (Display nothing except short
                                      form of answer)
                 +[no]showsearch     (Search with intermediate results)
                 +[no]split=##       (Split hex/base64 fields into chunks)
                 +[no]stats          (Control display of statistics)
                 +subnet=addr        (Set edns-client-subnet option)
                 +[no]tcp            (TCP mode (+[no]vc))
                 +time=###           (Set query timeout) [5]
                 +[no]trace          (Trace delegation down from root [+dnssec])
                 +tries=###          (Set number of UDP attempts) [3]
                 +[no]ttlid          (Control display of ttls in records)
                 +[no]vc             (TCP mode (+[no]tcp))
        global d-opts and servers (before host name) affect all queries.
        local d-opts and servers (after host name) affect only that lookup.
        -h                           (print help and exit)
        -v                           (print version and exit)

 

Going back to my SMTP query, I was able to use a port check such as:

dig codebales.com -p 587
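In the help text above, `-p port` sets the port that dig sends its DNS query to (53 by default), so it does not show whether a mail server accepts connections on 587. This added example, not part of the original post, looks up the domain's MX hosts with dig and then tests the TCP port on each with `nc`. The function names and the `example.com` sample records are constructed, and it assumes the MX hosts are the servers of interest.

```shell
#!/bin/sh
# Added example: find a domain's mail hosts with dig, then test a TCP port on them.

# mx_hosts: read `dig +short <domain> mx` output ("<preference> <host>." per
# line) on stdin; print hosts, lowest preference first, trailing dot removed.
# A null MX ("0 .", meaning the domain accepts no mail) yields no hosts.
mx_hosts() {
    awk 'NF == 2 && $1 ~ /^[0-9]+$/ && $2 != "." { sub(/\.$/, "", $2); print $1, $2 }' |
        sort -n -k1,1 | awk '{ print $2 }'
}

# port_open: succeed if a TCP connection to host ($1) port ($2) completes
# within 5 seconds.
port_open() {
    nc -z -w 5 "$1" "$2" >/dev/null 2>&1
}

# check_mail_port: for each MX host of domain ($1), report whether TCP
# port ($2, default 587) accepts connections.
check_mail_port() {
    port=${2:-587}
    dig +short "$1" mx | mx_hosts | while read -r host; do
        if port_open "$host" "$port"; then
            echo "$host:$port open"
        else
            echo "$host:$port closed or filtered"
        fi
    done
}

# Constructed sample of `dig +short example.com mx` output (not real records).
sample_mx() {
    cat <<'EOF'
20 backup-mx.example.com.
10 mail.example.com.
EOF
}

# Live use (needs network access): check_mail_port codebales.com 587
```

A closed or filtered result on 587 with an open port 25 usually means the host only handles delivery, and the submission service runs on a different host name.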