The domain utn.se is managed at CloudFlare. CloudFlare is a free service that helps both optimize the access to web server by caching pages, but also protect the website against threats. It does this by interrupting a client from accessing the actual server if it might be a threat, it will challenge the user if in doubt of a malicious bot, and then serve the page from cache if possible.
CloudFlare keeps excessive data on requests, so it’s interesting to take a look once in a while.
The DNS records have been organized in a specific structure, making managing the DNS easier. The structure is as follows:
SPF records are essential when dealing with email since they increase the validity of the emails sent from the union.
SPF records tell email services which servers are allowed to send emails on behalf of the domain.
Most SPF records for UTN look like this:
v=spf1 a:babbage.utn.se a:pay.utn.se a:turing.utn.se include:_spf.google.com ~all
Make sure you check the SPF entry using a tool like MxToolbox.
Alongside SPF records, DKIM records exists as well. They are also essential in when dealing with email.
DKIM signs all emails on a domain with a key.
The same key is also put in the DNS for that domain.
This way, email providers can validate if the email acctually was sent from that domain.
The DKIM keys are created in GSuite under
apps -> gmail -> authenticate email.
When addin a DKIM to a subdomain, the name of the TXT entry must be (optional_prefix)._domainkey.subdomain
DMARC is also important when dealing with email. DMARC defines a policy for what to do with untrusted email and generates a daily report with the delivered and undelivered mail. DMARC is added to the DNS as a TXT Record and can be configured in many ways. DMARC can be added to a subdomain but can also just be added to the primary domain (utn.se).
The current configuration for DMARC is to let suspicious mail be delivered.