DNS SRV not accepting Target conforming to RFC 2782

I’m configuring DNS for a new domain: christopherplain.com. My email provider (Fastmail) recommends an SRV record for non-secure connections with a Target of “.”:

_imap._tcp.christopherplain.com 0 0 0 .

This record conforms to RFC 2782 (RFC 2782 - A DNS RR for specifying the location of services (DNS SRV)):

A Target of “.” means that the service is decidedly not available at this domain.

When trying to create this record in the DNS settings page, I’m unable to save the record and a prompt above the Target field appears stating, “Match the requested format.”

Is there anyway for me to successfully create DNS SRV records with “.” as the target?

Hey @christopherplain,
I dug into this and the error you got was an HTML5 pattern validator on the form field:

pattern="^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9(\-)]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9](\.?))$"

So on the frontend, we’d expect something that would match that pattern, which ‘.’ doesn’t. That doesn’t necessarily mean we wouldn’t support a SRV record with ‘.’ as a target, but in practice… it means you can’t set that record in the UI today. I could try manually creating the record for you? That would be the quickest way to confirm whether we’d allow it, and we could file some feature requests depending on how that goes.

Let me know if you’d like me to try that.

Hi @jen,

Because of DNS issues I had over the weekend that took several days to rectify, I’d rather not try setting records with a Target of “.” if there is any chance it will cause issues. Is it possible to put in a feature request without me being the first to test? Since this confirms to RFC 2782, it makes sense that Netlify would support this Target value. However, if Netlify decides not to do so, would it be possible to add an update to the documentation.

To test, I manually set up dummy record for a domain I own and it seemed to go okay. You can check with dig srv netlify.horse. If that looks good to you, we’d be happy to manually create a similar record for you.

Either way, I’m filing a feature request to update the form validation on the frontend to support “.” as a target. I can’t promise if/when that will be implemented, but we’ll definitely post here if there’s movement on it!

Thank you, @jen. Appreciate you putting in the feature request.

Given you’ve tried this on another domain and seen no ill effects, I’ll give it a shot. Would you mind adding the following entries?

_imap._tcp.christopherplain.com	0 0 0 .
_pop3._tcp.christopherplain.com	0 0 0 .
_carddav._tcp.christopherplain.com	0 0 0 .
_caldav._tcp.christopherplain.com	0 0 0 .

Also do you know if it is possible to get this done via the netlify api createDnsRecord command? I tried but was unsuccessful. I’m not sure if it was due to user error or this is not supported via the CLI.

Hey @christopherplain,
Sorry for the slow response. But! I believe I’ve gotten those created for you. If they don’t work out, you should be able to delete them from your DNS dashboard here:

Of course, please let me know if that’s not the case!

As for creating DNS records via the api, yes, it should be possible. If you want to give it another shot, these are the key: value pairs I needed to create your SRV records:

dns_zone_id: zone.id,   # <---- you'll need to get this with a separate API call
hostname: "_caldav._tcp.christopherplain.com",
ttl: 3600,
port: 0,
priority: 0,
site_id: site.id, # <---- you'll need to get this with a separate API call
type: "SRV",
value: ".",
weight: 0

Let us know if that works for you.

@jen,

My turn to apologize for the belated reply.

Before I created this thread, I tried using the netlify api createDnsRecord command to set DNS records but was unsuccessful in doing so. I gave it another try since you said it should work. However, I continue to get the same parse error as I did previously. I’ve tried placing integers in quotes/out of quotes, yet nothing seems to work.

I have a feeling there is something simple I’m missing.

Any idea why this isn’t working?

~ % netlify api createDnsRecord --data '{"zone_id":"[REDACTED]","type":"SRV","hostname":"_foo._tcp.christopherplain.com","value":".","ttl":"3600","weight":"0","port":"0","priority":"0"}'
JSONHTTPError: Internal Server Error
    at parseResponse (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/node_modules/netlify/src/methods/response.js:12:11)
    at async callMethod (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/node_modules/netlify/src/methods/index.js:38:26)
    at async APICommand.run (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/src/commands/api.js:51:27)
    at async APICommand._run (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/node_modules/@oclif/command/lib/command.js:43:20)
    at async Config.runCommand (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/node_modules/@oclif/config/lib/config.js:172:9)
    at async Main.run (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/node_modules/@oclif/command/lib/main.js:22:9)
    at async Main._run (~/.nodenv/versions/12.16.3/lib/node_modules/netlify-cli/node_modules/@oclif/command/lib/command.js:43:20)

Not sure how the cli works but the method seems to need the zone_id as part of the url and not part of the request body. I’m not sure that specific method would work, though I’ve not tried it. I’d recommend filing an issue about that here: Issues · netlify/cli · GitHub. Alternatively, you can try the REST API directly (https://api.netlify.com/api/v1/dns_zones/{zone_id}/dns_records) as described here: Netlify API documentation.

Let me know if that makes sense.

This is still broken
I’ll try using the api instead but feel like this issue will be faced by many users.

I got it working using the netlify api. But there were some gotchas. I’ll just note down how I got it working incase someone else is stuck in the future.

1. You need your zone_id. I just ran netlify api listSites. The required value is under the key dns_zone_id.
2. Next you need to use the netlify api createDnsRecord command to create the actual record. It expects a json payload with two keys: zone_id and body. The fact that the record details needed to be under the body key wasnt documented properly. I found the answer here: createDnsRecord- JSONHTTPError: Unprocessable Entity · Issue #1327 · netlify/cli · GitHub

So taking @christopherplain’s need as an example, the required command would be:
netlify api createDnsRecord --data '{"zone_id":"[REDACTED]","body":{"type":"SRV","hostname":"_foo._tcp.","value":".","ttl":"3600","weight":"0","port":"0","priority":"0"}}'

The hostname just needs to be _foo._tcp.. Netlify will add the name part automatically.

Hey there, @har777

Welcome to the Netlify Forums! Thanks so much for sharing your workarounds here. This will definitely be beneficial for future Forums members who encounter something similar, so we appreciate it.

Unfortunately this didn’t work. The records do show up on the Netlify DNS page but isn’t getting propagated. It’s been 4 days so it should have propagated by now. I added some other entries via the UI too which failed to propagate. Not sure if using the api messed up something

Hi @har777,

Is there a domain name that we could check?

Yes its harishaji.com
Its missing SRV records(which I set via the cli), CNAME records and a TXT record.

Hi @har777,

Only 1 record was out of sync with the backend which I’ve manually added now. I can see that and all other records are being reported correctly when using Google Dig. Could you confirm?

Interesting. I still do not see any of those records. Tried dig as well as DNS Lookup - Check DNS Records

SRV, CNAME and 1 TXT record still missing. Maybe I should wait a bit more.

Interesting indeed, do you see the same results if you manually check each record here: Dig (DNS lookup)?

Yep same result. CNAME, SRV is empty. And TXT only has one record. I asked some others to check but they also see the same. We are all in India.

Just to be sure, you’re trying the actual domain, right? For example, I can see this:

image1186×424 36.2 KB

Ah damn you’re right. I was querying it wrong Everything shows up correctly now.