Dedicated servers. DNS. Operating principles, basic notes What is a code word

Inexpensive hosting will be a good start for beginners and is suitable for creating static HTML sites. If your project grows into a commercial resource, you can always choose a more powerful hosting plan with support for PHP and MySQL, for large, high-load sites and professional platforms. Electronic document management (EDF) is available for legal entities (including LLCs), which allows you to quickly exchange documents and carry out transactions with hosting and domain services.

Specifications hosting include high-performance SSD RAID, Linux CentOS or Windows for ASP.NET with support for Python, Java, PHP, Perl and the Django framework (on tariffs starting from Host-A). TO ftp server access is provided via FTP and SSH protocols.

The security of your website is important to us, so in addition to the hosting service you will receive for free:

• protection against DDoS attacks;
• unlimited traffic;
• double anti-virus scan;
• SSL certificate.

For better site security, you can additionally order treatment of infected files and advanced spam protection.

When you transfer hosting to REG.RU to any tariff, you will receive a month of service as a gift!

DNS(English Domain Name System - domain name system) is a system that allows you to convert symbolic domain names into IP addresses (and vice versa).

Domain- a certain zone in the Internet domain name system (DNS), allocated to a country, organization or for other purposes.

How DNS works

The domain name system has a hierarchical structure using an arbitrary number of components (domain), separated from each other by a dot ( . ). On the Internet, the root domain or domain top level managed by the InterNIC center. A system of two-letter top-level domains has been created for each country (about 300):
-USA, -Canada, -Germany, -Russia, -former USSR, -France, -Finland, -Italy, -Switzerland, -Great Britain.
And also for various types organizations:
-commercial organizations;
EDU-educational establishments;
GOV- government agencies;
MIL-military institutions;
- other organizations;
-network resources.

In Russia, the “RU Domain Coordination Center” is responsible for the .RU domain.

To determine an IP address from a domain name, the DNS service is used, which consists of many DNS servers containing distributed database displays" Domain name- IP address." Every network must have at least one DNS server that maintains a local domain name database and looks up the IP address of the domain name.
This search is carried out as follows:

• a query is made to the local DNS server;
• if the DNS server knows the answer, it returns it to the client (the corresponding entry is in its table or cache);
• if the DNS server does not know the answer, it follows the link to the next DNS server until the corresponding record is found (recursive scheme).

A host name and an IP address are not identical - a host with one IP address can have many names, allowing you to support many websites on one computer (this is called virtual hosting). The reverse is also true - one name can be associated with many IP addresses.

Reverse DNS lookup

DNS is used primarily to resolve symbolic names to IP addresses, but it can also perform the reverse process. For this purpose, existing DNS tools are used. The fact is that various data can be associated with a DNS record, including a symbolic name. There is a special domain in-addr.arpa, entries in which are used to convert IP addresses into symbolic names. For example, to obtain the DNS name for the address 11.22.33.44, you can query the DNS server for the record 44.33.22.11.in-addr.arpa, and it will return the corresponding symbolic name. Reverse order recording parts of an IP address is explained by the fact that in IP addresses the high-order bits are located at the beginning, and in symbolic DNS names the high-order (closer to the root) parts are located at the end.

DNS records

Let's take a closer look at DNS records and why they are needed:

SOA Record(start of authority record) indicates on which server the reference information about this domain is stored:

Start Of Authority
example.org. 86400 IN SOA ns1.agava.net.ru. noc.agava.com. (
2006092102 ; Serial
10800 ; Refresh
1800; Retry
3600000; Expire
86400); Minimum TTL

This record is created when a zone is created for a domain. If this entry does not exist, the registrar receives error messages like:

It is not possible to obtain an SOA record for the EXAMPLE.ORG domain from the ns2.agava.net.ru.(89.108.64.2) DNS server.

The name field can contain the @ symbol to indicate the name of the current zone. In this example, you could have used @ instead of example.org.

There is no time field. The class is IN (Internet), the type is SOA, and the remaining elements make up the data field.

Server ns1.agava.net.ru is the main name server for this zone.

The noc.agava.com entry specifies an email address for technical contacts in the format user.machine (not user@machine).

Serial- Serial number. Serial number of the zone file. It should increase every time changes are made to the domain data. When the secondary server wants to check whether data needs to be updated, it checks the SOA record serial number on the primary server.

Refresh- Update. Time in seconds that determines the frequency of checks by the secondary server serial number on primary and starting new exchange, if there is new data on the primary one.

Retry- Repeat. When the secondary server is unable to connect to the primary server after the update time has expired (for example, if the host is down), this value determines the delay time in seconds between update retries.

Expire- Term. If repeated upgrade attempts are unsuccessful within this time, the secondary server destroys its copy of the zone file(s) data and stops responding to requests for that domain. This helps stop the repetition and circulation of very old and potentially inaccurate data.

TTL- Lifetime. This field specifies the time, in seconds, that a resource entry for this zone remains valid in the cache of other servers. If the data changes, this value should be small. TTL is a commonly used acronym that stands for Time To Live.

NS entry(name server) points to the DNS server for this domain.

NameServers
example.org IN NS ns2.agava.net.ru
example.org IN NS ns1.agava.net.ru

Also, for domains below the second level, we can add DNS to partner servers, for example:

love.example.org IN NS ns2.loveplanet.ru
love.example.org IN NS ns1.loveplanet.ru

This will work provided that a zone for these domains is created on the loveplanet.ru servers.

MX Record(mail exchange) or mail exchanger specifies the mail exchange server for a given domain.

Mail eXchangers
example.org IN MX 10 cluster.relay.agava.net
example.org IN MX 20 mail.example.org

The number in front of "cluster.relay.agava.net" is the priority value, a lower number means higher priority. MX records are used by the email system to route mail more efficiently. Using MX records, mail messages are sent not directly to the recipient, but to the mail server on the recipient's node.

In the above example, mail will arrive to the cluster.relay.agava.net server first (priority 10

Record A(address record) - an address record associates a host with an IP address.

Internet Addresses
example.org IN A 192.0.2.77
This entry can be viewed using the host command (for *NIX systems):
$ host example.org
example.org has address 192.0.2.77

The main purpose of an address record is to establish a correspondence between a machine's domain name and an IP address. In fact, this is the main task of the entire domain name system. For this reason, the resource description address record is one of the key zone description records.

Here we will touch on the question of how to change the MX record for your domain. To do this, you need to write us an application from your contact e-mail (for individuals) or send us a scan of the application letter in free form on the organization’s letterhead with the seal and signature of the manager or responsible person (for legal entities) with a request to change/add MX record, specify the IP or name of the new mail server.

CNAME record(canonical name record) or canonical name record is used to redirect to another name.

CNAME denotes the canonical name or synonym of an existing hostname, which must have an A record. Example:

love.example.org IN CNAME loveplanet.ru

SPF records (Sender Policy Framework), which prevent spammers from sending letters on behalf of domains that do not belong to them.

SPF allows the domain owner to specify a specially formed string in the TXT record of the DNS server indicating the list of servers capable of sending email messages on behalf of this domain.

Mail Transfer Agents receiving mail messages can query SPF information using a simple DNS query, thereby verifying the sender's server.

Example of SPF data in a DNS TXT record:

example.org. IN TXT "v=spf1 a mx -all"

v= specifies the version of SPF to use. The following is a list of verification mechanisms: in this case, “a” and “mx” allow the sending of letters for all A and MX records of the example.org domain. The line ends with "-all" - indicating that messages that fail verification using the listed mechanisms should be ignored.

PTR Record(Pointer) - record-pointer of the “reverse zone”.

The task of finding a domain name by IP address is the reverse of the direct task - finding an IP address by domain name. As mentioned above, the direct problem is solved in DNS using records of type A (Address). The inverse problem is solved using pointer records of the PTR (Pointer) type, which, together with SOA and NS records, constitute a description of the so-called “reverse” zone.

The “reverse” problem is solved by a special domain, the structure of which coincides with the structure of IP addresses. This domain is called IN-ADDR.ARPA. We will not go into the intricacies of his work here; you can read about it in detail at:
Let us only note that We do not register PTR records, due to the impossibility of this operation on virtual hosting.

SRV records(Server selection) indicates the location of servers for certain services, for example, Jabber, Active Directory.

Purpose of the product

Every day, while using email, we all receive a large number of unwanted, advertising correspondence. When communicating online, we leave our email address on certain resources, which is found by robots that check servers for availability. postal addresses. The lists of addresses collected by robots are then used by spammers to send junk in the form of advertising that the user did not subscribe to and which he does not need at all. Despite the fact that the fight against spammers is becoming tougher from year to year, attempts are being made to introduce legislative bans on sending spam, the flow of unwanted correspondence is only increasing.

To solve this problem, many mail services use specialized software that works in conjunction with mail servers, analyzes incoming mail and filters out some unwanted correspondence. However, not at all mail servers There is protection against spam, and in such cases the user is forced to manually sort incoming correspondence. AGAVA company offers all users a program Spamprotexx, which filters all incoming mail, evaluates each letter and, if spam is detected, moves it to a special folder in the mail client.

In this review, we will look at the capabilities of Spamprotexx, test its operation and evaluate the quality of spam filtering.

To familiarize yourself with the program's capabilities, you can download a fully functional version that will work for 30 days. At the end of this period, the program must be buy. Its price is 10 dollars. The size of the distribution is 1.2 megabytes.

Installation

The installation of Spamprotexx is completed by a wizard who asks several standard questions during the installation. To complete the installation of the program, you must restart your computer.

Interface

The main window of the program is shown in the figure below.

The purpose of the settings is clear from their names. You can change the two default email addresses for filter training. During the work process, either “breakthrough” spam or normal letters should be sent to these addresses. The filter will evaluate and adjust its further work based on the evaluation results. The label is also set here. which will be added by the filter to the subject of spam emails.

On the tab Friends shown in the figure above, you can fill in a list of addresses from which mail will not be scanned by the filter. On the same tab, you can tell the filter to learn from letters from friends, as examples of non-spam letters. All recipients of letters to whom the user writes are automatically added to the friends list.

This tab contains a list of ports that the filter listens to and the port number to which connections are forwarded mail client for filtering. All port numbers can be changed, as well as added or removed.

Using the slider on this tab, you can adjust the sensitivity of the filter. After the filter evaluates the letter using the Bayesian algorithm, it will compare the score received by the letter with the response threshold specified on this tab. The higher the response threshold, the higher the score a letter must receive in order for the filter to mark it as spam. Thus, increasing the response threshold leads to the filter passing more messages that may be spam.

On the last tab Statistics summary information about the operation of the filter, statistics on filter activations, and the state of its training process are displayed.

Right-clicking on the tray icon opens a menu with which you can configure automatic check program updates, view the filter operation log and temporarily disable it.

Working with the filter, training it

The filter's operation is based on the Bayesian algorithm, which evaluates each incoming letter. The Spamprotexx developers have attempted to solve several known problems in the operation of filters using the same algorithm. In detail they described on the developer's website, so we'll look at them briefly.

• Spamprotexx has a mechanism for correcting errors in training, when a letter may be mistakenly sent by the user to the filter database as spam. To correct such an error, it is enough to forward the same letter to the filter database again, but this time as not spam. Spamprotexx will delete the first, erroneous entry.
• Some filters may overtrain, receiving a lot of typical, identical emails as examples of spam. Such filters will gradually assign higher and higher ratings to similar emails. Spamprotexx pre-evaluates the letter, and if he can evaluate it, then the letter will not participate in training.
• The filter analyzes html in letters, paying attention to, for example, text highlighting in color and font size. Due to the fact that html is “parsed”, the filter does not include html tags in the lists of spam words, it pays attention to the characteristic signs of spam. For example, it is unlikely that someone in regular correspondence will highlight several words in bold red font size 24.
• Due to the fact that the filter pays attention to letter headers, even very short letters will be correctly evaluated by it.
• Spamprotexx has a list of short, frequently used words and does not pay attention to them when evaluating a letter. For example, prepositions can be used both in spam emails and in normal correspondence. Therefore, the filter does not evaluate the letter based on such words.

Working with the filter is as simplified as possible for the user. After installing the filter, two baskets appear on the toolbar of the email client.

Training the filter comes down to simply dragging spam and non-spam emails into the appropriate trash bin with the mouse. The second way to learn is to forward the letter as an attachment to one of two virtual addresses that are configured on the tab Are common. Such letters are not sent anywhere, but are analyzed by the filter and used in the future to evaluate new incoming letters.

Immediately after installing the filter and receiving mail for the first time, the filter added a label to the subject of two spam emails. The user is given the opportunity to set up a rule for such letters; they can be moved to a special folder or deleted immediately. Thus, the filter starts working immediately after installation and does not require preliminary training. It is likely that some well-written spam emails will not be marked as spam by the filter. For such cases, the trash can is intended on the toolbar of the email client, where you should move spam emails missed by the filter. Unfortunately, this method only works for Outlook and Outlook Express. For other email clients, there is a second way to train the filter: forwarding a spam letter to a special, virtual address. In the same way, you can “explain” to the filter that the letter it has flagged is not spam. The filter will analyze such a letter and take into account its characteristic features in the future to evaluate new incoming letters. For TheBAT! AGAVA offers plugin, the installation of which will eliminate the need to forward letters to virtual addresses and it will be enough to choose from context menu one of the points Mark as spam or Mark as not spam.

Conclusion

Spamprotexx is an easy-to-use and effective anti-spam tool. The filter is very easy to train, works with any email clients and can analyze email traffic passing through any ports, not just standard ones. Unfortunately, the simple method of dragging spam emails not recognized by the filter to the trash can only works in Microsoft email clients. In all other clients, the letter must be manually sent as an attachment to one of the virtual email addresses, with the exception of TheBAT!, for which there is a special plugin. The filter begins to work immediately after installation; further training only improves the quality of work, but is not mandatory. The developers took into account the shortcomings of other anti-spam tools and created procedures in the filter to solve some fairly well-known problems in the operation of this class software. The price of the product is only 10 dollars. This is another compelling argument in favor of purchasing it and using it as an excellent addition to a firewall and antivirus to create the most comfortable and safe environment when working on the Internet.

Every mail client has its own interface for configuration.

Some client programs require you to enter all settings manually, while others receive settings automatically from the provider database.

Let's look at the basic steps that are performed when setting up any email client. This information can be used to most settings mail programs .

To use mail services, you need to register Mailbox on the mail provider’s website, enter your username and password to access your mail; you must remember or write down the password. Your email address will look like - your-login@provider-site.

In this article you will find information about settings for several popular email providers.

To receive or send mail, authorization is required; for this, you must indicate your login and password in the appropriate fields when setting up the client. You may have to do this when setting up an incoming mail server and a server for sending messages, but most email clients remember the data you enter and subsequently use it automatically.

Let's define the terminology used in this article:
• SMTP - Simple Mail Transfer Protocol, literally - a simple mail transfer protocol. Allows you to transfer messages from the user’s computer to the server and further along the chain of servers.
• POP3 - Post Office Protocol 3, literally - protocol post office. Contains commands for connecting to the server and downloading messages to the client computer.
• IMAP - Internet Message Access Protocol, a protocol for accessing e-mail. Provides the ability to access emails, stored on the server, without downloading the contents of letters and attachments to the local computer.
• Mail provider (ISP) is the email address of a site that provides a mail service, for example mail.ru. As a rule, incoming and outgoing mail servers are run on its subdomains.
• Incoming mail server - the email address of the server to which the mail client must connect to receive mail, for example pop.yandex.ru or imap.yandex.ru.
• Outgoing mail server - the email address of the server to which the mail client must connect to send mail, for example smtp.meta.ua.

Setting up incoming mail:

There are two protocols used to receive mail - POP3 and IMAP, select the protocol you need, preferably select IMAP if your mail provider supports it.
If the client program supports traffic encryption, install the SSL/TLS method for greater security.
Enter the incoming mail server address and port number; the necessary data for this can be found in the table below:

Setting up outgoing mail:

The SMTP protocol is used to send mail; you just have to choose whether to encrypt the traffic or not. It is preferable to use SSL/TLS if your email client supports encryption.
To fill in the fields corresponding to the outgoing mail server address and port number, use the information in the table below:

Save your settings and test your email client.