DNS Propagation Explained
What Is DNS Propagation
When you add or change a DNS record (SPF, DKIM, DMARC, CNAME), that change must spread to DNS resolvers worldwide. This process is called DNS propagation. It is not instant — it depends on the Time-to-Live (TTL) value of the record.
Understanding TTL
TTL is a number in seconds. It tells DNS resolvers how long to cache a record before checking for updates.
| TTL Value | Cache Duration |
|---|---|
| 300 | 5 minutes |
| 3600 | 1 hour |
| 86400 | 24 hours |
Lower TTL = faster propagation but more DNS queries. For initial setup, set TTL to 300 so you can make corrections quickly. Raise it to 3600 once everything is confirmed working.
How to Check Propagation
Online tools:
- dnschecker.org — shows results from 20+ global locations
- MXToolbox — specialized for email DNS records
- whatsmydns.net — real-time worldwide view
Command line:
# Check SPF record
dig TXT yourdomain.com
# Check DKIM record
dig TXT selector._domainkey.yourdomain.com
# Check DMARC record
dig TXT _dmarc.yourdomain.com
Why Propagation Seems Inconsistent
Your local machine may still show old records after you change DNS, because your ISP's resolver has cached the old TTL. Flush your local DNS cache:
# macOS
sudo dscacheutil -flushcache && sudo killall -HUP mDNSResponder
# Ubuntu/Debian
sudo systemd-resolve --flush-caches
Full worldwide propagation typically completes in 15 minutes to 48 hours depending on TTL and resolver behavior.