Networking – DDNS: Is a DIY solution possible? Better

ddns dns networking

I'm trying to establish a personal mail/calendar server at my home (yes, I've heard that it's difficult, it's a lot of trouble, and so forth, but I'd still like to try). I have an ISP that doesn't offer static IP addresses, so it looks like some sort of Dynamic Domain Name Service (DDNS) is the solution.

However, I've been doing research, and I've found at least a couple of online resources which explain that you can do DDNS yourself: you need to have a script/program which monitors your IP address periodically, and if the address changes, then the script/app needs to update whatever domain name you're using for your home servers (I happen to have a domain parked with a hosting provider for just this eventuality, and as I understand it, I just need the API key of the hosting company in order to adjust the necessary domain/IP records programmatically…someone let me know if I'm wrong on this and there's a simpler way).

Here's the thing: when you update your domain-name records in the fashion I've described above, I've read that it may take several hours to propagate throughout the system/world (all DNS servers have to be repopulated with your updated address). However, several paid DDNS providers I've been looking at seem to promote their ability to have the change take effect near instantaneously (or at least, faster than my DIY-method). Is that true? Is there something I've missed?

Also, I have another concern: are there any security issues I may be overlooking with having a DDNS provider? Won't they be able to monitor all the traffic flowing through the domain name they provide? Does anyone have an informed opinion with regard to which method (paid vs. DIY) might be better?

I appreciate your time…thanks!

Best Answer

> I'm trying to establish a personal mail/calendar server at my home (yes, I've heard that it's difficult, it's a lot of trouble, and so forth, but I'd still like to try).

You probably won't have much luck with the mail part. See @Alex's answer.

> you need to have a script/program which monitors your IP address periodically, and if the address changes, then the script/app needs to update whatever domain name you're using for your home servers

Pretty much that.

> I just need the API key of the hosting company in order to adjust the necessary domain/IP records programmatically

Yes, although if the company just provides a generic "host everything" service it might not have any DNS management API at all (focusing instead on web and mail) and you might need to move the domain elsewhere.

> Here's the thing: when you update your domain-name records in the fashion I've described above, I've read that it may take several hours to propagate throughout the system/world (all DNS servers have to be repopulated with your updated address).

No. Only your DNS hosting provider's own systems have to be updated. The rest of the world doesn't keep a permanent record – it merely caches the results of individual lookups, for the duration indicated in each (sub)domain's "TTL" (Time To Live) field.

> However, several paid DDNS providers I've been looking at seem to promote their ability to have the change take effect near instantaneously (or at least, faster than my DIY-method). Is that true? Is there something I've missed?

I would guess that they allow configuring a very low TTL on the dynamic domains (down to a few seconds), which means it'll drop out of any caches very quickly, at the cost of the DDNS provider itself receiving many more requests (higher load on their DNS servers and databases, and an excuse to charge you more). That alone isn't something special and could be implemented with any DIY method.

> Won't they be able to monitor all the traffic flowing through the domain name they provide?

No. The DNS server only provides you with an address (much like a phone book) and is not involved in any further communication.

(Unless the provider actually attempts to return false data, which would considerably shorten the company's TTL the moment news websites learn about it.)

That said, do pay attention to how the API works; of course you can't be sure that the service doesn't have any vulnerabilities, but if (e.g.) the API runs over unencrypted HTTP and transmits the API key in plain sight, then that's not something you want to rely on.
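
One polling cycle of the DIY updater discussed above, as an added example that is not part of the original question or answer: it publishes a short TTL and refuses an endpoint that is not HTTPS or that carries credentials in the URL. The endpoint, record name, JSON body and bearer-token header are hypothetical, not any real provider's API, and the three callables are injected so the logic runs offline.

```python
import ipaddress
import json
from urllib.parse import urlsplit

# Hypothetical values: the endpoint, record name and JSON shape are assumptions,
# not any real provider's API.
API_URL = "https://dns.example.net/v1/zones/example.org/records/home"
TTL_SECONDS = 60  # short TTL so resolver caches drop the old address quickly


def check_endpoint(url):
    """Refuse endpoints that would expose the API key in transit or in logs."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("API endpoint must use https")
    if parts.query or parts.username or parts.password:
        raise ValueError("keep credentials out of the URL; send them in a header")
    return url


def build_update(api_key, new_ip, ttl=TTL_SECONDS):
    """Describe the update request; the key travels only in a header."""
    ip = ipaddress.ip_address(new_ip)
    if not ip.is_global:  # e.g. a CGNAT or LAN address would publish a dead record
        raise ValueError(f"{new_ip} is not a publicly routable address")
    return {
        "method": "PUT",
        "url": check_endpoint(API_URL),
        "headers": {"Authorization": f"Bearer {api_key}"},
        "body": json.dumps({"type": "A" if ip.version == 4 else "AAAA",
                            "content": str(ip), "ttl": ttl}),
    }


def run_once(get_public_ip, get_record_ip, send, api_key):
    """Send an update only when the address changed; return it, else None."""
    current = get_public_ip()
    if current == get_record_ip():
        return None
    request = build_update(api_key, current)
    send(request)
    return request


if __name__ == "__main__":
    sent = []  # constructed stand-ins replace the IP lookup and the HTTP call
    run_once(lambda: "8.8.8.8", lambda: "8.8.4.4", sent.append, "constructed-key")
    print(sent[0]["body"])
```
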
