Welcome to the DomainOps blog

DomainOps spends most of its day watching the boring stuff — WHOIS expiry, SSL chains silently rotating, DNS records drifting, the occasional dangling CNAME — so that the people running the domains can focus on something else.

This blog is where we'll write up the patterns we keep seeing. Expect:

• Practitioner write-ups — concrete walkthroughs of the kind of misconfig we trip over week to week (SPF flattening gone wrong, DMARC failures hiding behind p=none, the surprising number of expired certs serving 200s).
• Product notes — when we ship something we think is worth pointing at, here's where it'll be written up.
• Field reports — the post-mortems we write when a portfolio domain breaks and what we'd recommend doing about it.

What you won't find: SEO-padded listicles, recycled vendor takes, or the same "10 ways to monitor your domain" article you've already read elsewhere.

What's in the queue

A few that are already drafted:

1. The anatomy of a clean SPF record — what the spec actually says, what every mail provider quietly assumes, and the lookup-count trap most teams hit by month six.
2. Subdomain takeover: the dangling-CNAME class — the variant we see most often, how to find them in your own portfolio, and the 10-minute fix.
3. Reading a WHOIS response — registrar codes, status flags, the bit nobody tells you about gTLD vs ccTLD differences.

If there's something specific you'd like a write-up on, the address in the footer is real — drop us a line.