CNAMES, SPF, DKIM....OH MY!

Ariel_Sasso
Level 4

CNAMES, SPF, DKIM....OH MY!

Well, I am running into a bit of a knowledge gap for me, and I cannot seem to find any documentations or blogs about this.

So all you geniuses, please help me!

I am working on a migration for a company that does not allow for sub-domains (info.company.com). They need CNAME setups, and DKIM/SPF records but I have never done this without a sub-domain. Is there a work around?

Could we use

xxcompay.com? Or will that not configure correctly?

Thank you, my wizzy friends!

Have you seen this issue before?

Ariel Sasso
3 REPLIES 3
SanfordWhiteman
Level 10 - Community Moderator

Re: CNAMES, SPF, DKIM....OH MY!

Technically, a zone apex, a.k.a. zone origin -- for the zone example.com, example.com is the apex -- cannot be a CNAME (alias) for another hostname. It can only be an A record pointing to an IP address.

But if you use a specialized DNS host that, in essence, breaks the rules (AWS Route 53 is what I'm thinking of specifically) you can set example.com to resolve to another remote hostname directly. I could get more into how that's done, but they'd have to commit to hosting their dedicated Marketo domain on Route 53.

The bigger ramification, though, is that Munchkin sessions won't be shared across parent registered domains by default (wait -- is that why you were asking me that other question before? ).

Ariel_Sasso
Level 4

Re: CNAMES, SPF, DKIM....OH MY!

Sanford, are you reading my mind?

They are wanting me to make the previous sub - domain used an  A record, and then build sub-domains around it. Which I am trying to avoid for the reasons mentioned.

Ariel Sasso
SanfordWhiteman
Level 10 - Community Moderator

Re: CNAMES, SPF, DKIM....OH MY!

Not sure exactly what you mean by "build subdomains around it"? Do you mean they want the Marketo LP domain to be example.com, and then sub1.example.com, sub2.example.com, etc. will be non-Marketo domains? Or they'll all be Marketo domains, but having the zone apex is a mandate?

Some of this makes sense, since I was talking to a client earlier today about setting up new microsites in Marketo on a special domain and had to point out that, if all pages for those domains are expected to work including the parent, then http​://example.com needs special treatment. But since I know them, I can set them up on Route 53. Do you think your client understands that they're asking for something that may require a special DNS (and, possibly, reverse proxy) setup?