4

We have our email hosted at Google Apps, and have our DNS servers for the domain set up at Namecheap.

About a month ago our website went down (not a big deal, since it's mostly just a contact info page), but we were also unable to receive email for several hours. I narrowed down the cause to the DNS server at Namecheap. I contacted them via live chat and they said they were working on mitigating a DoS attack. The DNS servers came back up not too much later.

Today, they are being hit by another DoS attack. This one is a big one (the previous one only seemed to affect a few people). We cannot receive ANY emails right now.

Our TTL on our MX servers is set to about 1 hour (I can't verify since all of Namecheap is down right now). Would setting a longer TTL help mitigate future problems like this?

Thanks!

HopelessN00b
Peter

2 Answers

4

Q: Would setting a longer TTL help mitigate future problems like this?

A: Only for those hosts that have your MX record cached before the attack occurs. Any hosts that don't have it cached will need to look it up and will not be able to.

joeqwerty
  • That makes sense. Any recommendations on how to prevent downtime in the future? I was looking at Amazon Route 53, would that be a more reliable DNS provider? – Peter Feb 20 '14 at 18:30
  • Moving the name servers to another provider (and possibly moving the domain name to another Registrar) is probably the only solution. I can't give any specific recommendations on who is "better" but I've used NetSol and DynDNS name servers for years without issue. – joeqwerty Feb 20 '14 at 18:37
  • I've used Namecheap without problems for years too. This problem has only recently popped up. – Peter Feb 20 '14 at 18:57
4

As joeqwerty's already said, increasing the TTL can help as long as the sending servers already have your records cached. However, on the flip side, if you need to update your MX records for some reason in the future, the more you increase the TTL the longer you'll have to wait before everyone will have picked up those changes. It can be a balance between the two and you have to decide which is more likely to happen, and in the event of it being required, which is likely to cause the most downtime.

Hopefully these two events are the exception rather than the rule, but personally I'd be thinking more about moving the domain to a more robust host than adjusting the MX records.

Keith Langmead
  • When they actually plan the move they can readjust the TTL – miniBill Feb 20 '14 at 20:01
  • I've been looking at Route 53 at Amazon and also Cloudflare has a free DNS service as well. It's been several hours and emails are still bouncing periodically. Sometimes they get through, sometimes they don't. – Peter Feb 20 '14 at 20:01
  • That's alright if it's a planned move, but if it's unexpected there's nothing you can do. – Keith Langmead Feb 20 '14 at 20:27
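
The two answers above, worked through as an added example (not code from either poster): a small replay of resolver caches during an authoritative DNS outage, counting lookups that fail and lookups that return an outdated record after an MX change. The resolver query patterns, the six-hour outage window and the 18:30 change time are constructed assumptions, and sender-side SMTP retry queues are not modelled.

```python
# Added illustration (constructed data): recursive resolvers querying an MX
# record while the authoritative name servers are unreachable.
H = 3600  # seconds per hour

def simulate(query_times, ttl, outage, change_at=None):
    """Replay one resolver's lookups; return (failed, stale) counts.

    failed: lookups with no valid cache while the authoritative servers are down.
    stale:  lookups answered from a cache entry fetched before `change_at`.
    """
    start, end = outage
    fetched_at = None            # when the cached record was fetched
    failed = stale = 0
    for t in sorted(query_times):
        cached = fetched_at is not None and t < fetched_at + ttl
        if not cached:
            if start <= t < end:     # authoritative servers unreachable
                failed += 1
                continue
            fetched_at = t           # fresh fetch, cached for `ttl` seconds
        if change_at is not None and fetched_at < change_at <= t:
            stale += 1
    return failed, stale

# Constructed query patterns for three resolvers over one day.
RESOLVERS = {
    "busy": range(0, 24 * H, 600),                  # every 10 minutes
    "occasional": [2 * H, 9 * H, 12 * H, 15 * H, 20 * H],
    "cold": [11 * H, 13 * H],                       # never asked before the outage
}
OUTAGE = (10 * H, 16 * H)      # assumed six-hour outage
CHANGE_AT = 18 * H + 1800      # assumed MX change at 18:30

def totals(ttl):
    """Sum (failed, stale) over all constructed resolvers for a given TTL."""
    results = [simulate(q, ttl, OUTAGE, CHANGE_AT) for q in RESOLVERS.values()]
    return sum(f for f, _ in results), sum(s for _, s in results)

if __name__ == "__main__":
    for ttl in (1 * H, 24 * H):
        failed, stale = totals(ttl)
        print(f"TTL {ttl // H:>2}h: {failed} failed lookups, {stale} stale answers")
```

With these inputs the 24-hour TTL removes every failure except the two from the resolver that had never cached the record, and it is also the setting that keeps serving the old MX record long after the change.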