Verify domain ownership
There's lots of ways to do this. Listed in order of preference:
- microid
- whois (check email address and/or name)
- OpenID w/ delegation
- DNS TXT (or CNAME if you must)
- Insert HTML comment
<!-- verify code -->
into main page
I would recommend implementing some combination of these. The last one should be a measure of last resort for people who can't insert things into the <head>
section of their sites. Done well, many users might be able to claim ownership of their domain without having to take any action at all, provided they've supplied you with an email address already.
For the specific issue of getting DNS information, try this:
$ dig TXT google.com
; <<>> DiG 9.4.3-P3 <<>> TXT google.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4045
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;google.com. IN TXT
;; ANSWER SECTION:
google.com. 3600 IN TXT "v=spf1 include:_netblocks.google.com ip4:216.73.93.70/31 ip4:216.73.93.72/31 ~all"
;; Query time: 131 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Sat Oct 24 16:50:56 2009
;; MSG SIZE rcvd: 122
This particular query gives you the SPF entries for google.com
. You could just as easily do:
dig TXT verify.example.com
Then check the confirmation code in the answer section.