emailondeck logo

You are

NEW !!
Chrome Extension
Firefox Extension
API Access?
Advanced Features?
EmailOnDeck PRO

Insightful Articles:

Early History of Email
December. 30th 2022
Temporary Email for Bay Area FasTrak Violation
September. 10th 2020
How do spammers get your email address?
January. 4th 2019
Email Feedback Loops Explained
December. 29th 2022
Fighting Email Fraud with DMARC: How it Works and Why You Need It
January. 18th 2023
Use a temporary email address when buying or selling bitcoins.
November. 10th 2017

GoDaddy's _domainconnect DNS fail

Author:  EmailOnDeck
EmailOnDeck photo

GoDaddy has been secretly adding a C record to their customer's DNS zone file without notifying them.

We trust that our registrars, who often host our name servers, will leave our name server records alone after we have updated them. It's pretty much an un-written rule, that once you update your zone records, no one else will edit, delete or add records to your zone file without your permission.

When you first use GoDaddy's name servers, they have a lot of records pre-loaded. This can be helpful for some and for those who don't want them, it's simple to delete the records they pre-loaded.

However, after modifying your records, we've never seen or heard of GoDaddy adding, modifying or deleting zone records. They were under the customer's control to manage. Until now.

The zone record in question? It's a C name record that was added:
_domainconnect pointing to

Screenshot here:


GoDaddy does allow you to delete this record, which you should if you don't utilize it. You can find out more regarding the _domaincontrol C name record here.

The main issue here is GoDaddy should alert their customers before they make any changes to their zone records. Most likely GoDaddy thought they were doing people a favor by adding this record for them, but there's a plethora of issues that could and may have occurred because of this record addition.

And for these reasons, we give GoDaddy a #fail on this thing.

Be safe out there.

SSL and TLS certified