1. Home
  2. Knowledge Base
  3. CNAME Record

CNAME record

DNS CNAME: basic concepts

CNAME or canonical name is registered and stored in DNS (Domain Name System). It is a type of a DNS record representing an alias or alternate name for an existing domain or subdomain of an organization.

They are commonly used when you want one domain or subdomain to point to another domain. Technically, this involves redirecting the user from the requested http or www address like www.userequest.example.com (a subdomain) to a separate hosting provider or platform (also known as root domain) - example.com - through the canonical name record in DNS. A canonical name or CNAME is a name for the root domain.

In other words, these records provide a way to create aliases or alternate names for domains and subdomains, allowing you to easily redirect traffic or link multiple domains with the same destination.

These records play a significant role in the activity of organizations and businesses serving as a helpful digital solution. They play a crucial role in the operations of companies that offer diverse services online. There can be several subdomains owned by one company, but only on root domain for all of them.

CNAME for mail web service

A CNAME (Canonical Name) can also be employed in the context of mail web services, to establish a connection between a company's designated domain name and the one provided by a third-party email provider. When a company sets up its mail exchange infrastructure and wants to outsource its email services or use a different domain name for email traffic, it selects a mail service provider to handle the sending and receiving of emails. The provider assigns a domain name to the company for accessing its mail. However, it may not always be user-friendly or visually appealing. Additionally, the company may prefer to incorporate its own name into it for easier identification by users. In such cases, a CNAME record proves to be useful.

CNAME registration

For the above reasons, the company takes the initiative to register its canonical name within the DNS system. It can be done easily by accessing the DNS management console and doing all the necessary settings. The record may include the company's name mail.uniquename.com functioning as a subdomain. The purpose of this subdomain is to serve as a nickname or alias for the "true name" designated by the service provider. By utilizing the CNAME record, the user is seamlessly redirected to the web service responsible for handling the company's mail. The "true name" assigned by a provider may look like this webmail.provider.com. So, the record will have the following view:


The example of a canonical name record

In this example:

  • Subdomain is an alias or a nickname;
  • Type is a type of a DNS record;
  • TTL is time in seconds for the record to be cached by DNS resolvers before being checked for updates;
  • Canonical name is a "true" domain name for the company's mail server assigned by a provider.

How it works

CNAME record: how does it work?

STEP 1

Create a query

First, the query is created by the user in a browser - mail.uniquename.com.

STEP 2

DNS lookup

DNS lookup starts. DNS server finds out that the domain name provided by the user doesn't point to the root resource and restarts the query.

STEP 3

Search for canonical name

On finding a match - webmail.provider.com, it returns the IP address to the mail service.

STEP 4

View response

Finally, the user can view their email web client with messages on a computer screen.

The type of record for the resolver can be set in advance. In this case, the resolver will return a canonical name at once without restarting a query.

The process of domain name redirectLayer 1 < > < > < > < > < > < > < > < > user's http request mail.uniquename.com DNS canonical name webmail.provider.com webmail service provider CNAME record look up - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http response mail service email webclient >

How to check a CNAME record?

One of the easiest ways for a nslookup is a dig command which is accessible in the Linux or Mac terminal. In our case, the command and its result will look like this: 


usr@usr-lap:~$ dig cname mail.uniquename.com

; <<>> DiG 9.18.12-0ubuntu0.22.04.1-Ubuntu <<>> cname mail.uniquename.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4726
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mail.uniquename.com. IN CNAME
;; ANSWER SECTION:
;mail.uniquename.com. 600 IN CNAME webmail.provider.com.
;; Query time: 51 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Tue Jun 13 10:42:37 MSK 2023
;; MSG SIZE rcvd: 59

where the first line is the command, and the result can be seen in the ANSWER SECTION.

Alternatively, you can use nslookup online tools for this purpose provided for free.

Benefits of CNAME records

The importance of canonical names in web mailing is quite obvious. If your business can not afford to have its own server for handling emails, the easiest way out is a third-party email provider to manage the traffic. More than that:

  • They are easy to set up
  • Provide seamless access to mail for all staff members
  • Make it possible to customize domain systems
  • Allow to access your mail from any device
  • Can easily change the destination of the domain by updating the DNS settings of the target domain

Additionally, using a canonical name for redirecting email traffic will substantially increase the data safety, as providers use their own security measures that will serve as an extra shield against data leak.

Useful tips

  • A (AAAA) record is not the same: CNAME record is often taken for an A record. It should be remembered that a CNAME record never points to an IP address but to another domain name, while an A record is always the server's IP address.
  • One is enough: it's inefficient to create more than one record for the canonical name. The process of their matching considerably slows down the total performance of data exchange.
  • Safety: always check your DNS records for validity. While they are easily identified, your data is safe. This provides protection against leaks of user credentials.

Frequently asked questions

You might also want to know

When should I use a CNAME record?

CNAME records are commonly used when you want to create a subdomain that points to another domain or when you need to set up services such as content delivery networks (CDNs) or third-party email providers.

Can I create a CNAME record for the root domain?

No. To point the root domain to another domain, you can use an A record or an Alias record (available in some DNS providers).

Can I have multiple CNAME records for the same subdomain?

No, you cannot have multiple CNAME records for the same subdomain. DNS standards prohibit having conflicting CNAME records. However, you can use other record types like A records or Alias records to achieve similar functionality.

Can a CNAME record point to an IP address?

No. They can only point to a domain name.

Can I create a CNAME record that points to another CNAME record?

Yes, it is possible. However, it is generally not recommended due to potential resolution issues and increased DNS lookup times.

How does the CNAME record help protect against data leaks?

When using a third-party email service provider, you can configure a CNAME record to point your email subdomain to their servers. This allows you to outsource email handling while maintaining control over your primary domain. By leveraging the expertise and security measures implemented by the email service provider, you can enhance data leak prevention and reduce the risk of email-related vulnerabilities.

See also:

For your clear understanding of email transmission processes and better mail management, learn how to retrieve and process the information hidden in an email header. By tracing IP addresses or identifying domain names, you can define the legitimacy of the source and more. Our Email Header Analyzer can help you with that.