Domains and DNS: the mistakes small businesses make (and how to avoid breaking email)

Domains and DNS are one of those “set it once and forget it” topics, right up until something breaks. Then it’s urgent, confusing, and usually happening at the worst possible time.

If you run a small business, the most common problem is not that DNS is complicated. It’s that people think it’s something it isn’t. They mix up the domain, the DNS host, the website host, and the email system. Then one small change turns into a full outage.

This article clears up the misconceptions that cause the biggest messes. No jargon-heavy deep dive. Just the bits you need to stay in control and avoid breaking email or your website.

1) The biggest misconception: “the domain, DNS, and hosting are the same thing”

This is the core misunderstanding that drives most domain-related disasters.

A domain is an address, not a server

Your domain (for example, yourcompany.co.uk) is an internet address. It is not your website. It is not your email. It is not “where your files live”.

You register a domain through a registrar. A registrar helps you register the domain, but the domain itself is managed within the wider domain registry system. In practice, you are paying for the right to use that name, not buying a physical asset you can store on a laptop.

DNS is the signpost system

DNS (Domain Name System) is the set of records that tells the internet where to find things for your domain.

It tells browsers where your website is. It tells other mail systems where to deliver your email. It can also be used to prove you control the domain when setting up services.

The DNS records for your domain live on DNS name servers. The name servers that hold the official records for your domain are called authoritative name servers.

Your registrar is not always your DNS host

Some companies do both jobs (domain registration and DNS hosting). Some only do one. That’s why two businesses can both “use GoDaddy”, but their DNS is actually hosted somewhere else entirely.

A simple way to think about it:

• Registrar = where the domain is registered.
• DNS host = where the DNS records are actually stored (the authoritative zone).
• Website host = where the website runs.
• Email provider = where your mailboxes live (Microsoft 365, Google Workspace, etc.).

Registrar vs DNS host confusion is so common that major security and infrastructure companies publish specific explanations about it.

The practical takeaway: before you change anything, you must know where your DNS is hosted, and who can log into it.

2) “My web designer / IT person owns the domain, that’s fine”

This is one of the most expensive misconceptions because it can look fine for years. Then it fails suddenly.

What “fine” looks like right before it goes wrong

• The domain is registered in a personal account you cannot access.
• Renewals are tied to someone else’s card.
• 2FA codes go to an email address you do not control.
• Nobody in the business knows the registrar, the DNS host, or where the records are managed.

When the person who “sorted it” disappears, you lose control over the thing your email and website depend on. If the domain expires, email can stop and your website can vanish from the internet. Even if it gets fixed later, the downtime and reputational damage can be real.

What you want instead

You want the business to control the domain and DNS access, even if suppliers manage changes day to day.

That means:

• The registrar account is owned by the business (not a contractor).
• At least two trusted people have access (with 2FA set up properly).
• Renewals are on a business payment method.
• There is a simple record of where DNS is hosted and who can edit it.

This is not “being paranoid”. It’s basic operational control. It’s the same mindset as having access to your business bank account, not just trusting that someone else will “handle it”.

If you’re setting up Microsoft 365 or fixing business email problems, domain control and DNS access are non-negotiable. That is why we treat it as part of the wider setup process, not a side task. You can see the broader setup context here: Microsoft 365 setup guide.

3) “DNS changes happen instantly” (and the propagation misunderstanding)

People often make a DNS change and expect it to work immediately. When it doesn’t, they panic and start changing more things. That’s how one small change becomes a messy outage.

Why DNS can appear inconsistent for a while

DNS is cached. Different networks and devices can hold onto old information for a period of time. A common label you’ll see is “DNS propagation”.

When you change name servers (moving DNS hosting from one provider to another), it can take time for those changes to spread and for caches to update. Some registrars and hosts warn it may take up to 24 to 48 hours.

That does not mean it always takes two days. It means you must plan changes as if parts of the internet might see the old records for a while.

Why this matters for small businesses

If you change website DNS, you might “only” break the website for some visitors.

If you change email DNS, you can end up with a split-brain situation where some mail systems deliver to the new place, some keep delivering to the old place, and some reject messages because the security records no longer line up.

A safer way to approach DNS changes

This is not a step-by-step tutorial. It’s the decision logic that keeps you out of trouble:

1. Decide what you are changing (website, email, or both). Do not mix them casually.
2. Confirm where DNS is hosted and who has access before you start.
3. Make one change at a time, then wait and verify before making more.
4. Keep a rollback plan (know what the previous values were).
5. Avoid “late Friday” DNS changes unless it is an emergency.

If you want the business owner version of this: DNS changes should be treated like changing locks. You do not do it in a rush, without knowing who has the keys.

4) “DNS is only for the website” (email is usually the first thing to break)

A lot of small businesses think DNS is basically “the thing that points the domain to the website”. That’s only part of the story.

Email depends on DNS

Email delivery relies on DNS records that tell other mail systems where to send messages for your domain. Those records are typically published in DNS and read by mail servers around the world.

That’s why email cutovers and “quick fixes” often go wrong. Someone updates website-related settings and accidentally deletes or overwrites email-related records in the process.

Security records are part of the picture too

Many businesses also have DNS records used for verification and email security. These are the records that help other providers trust your mail and reduce spoofing risk.

You do not need to memorise acronyms to understand the risk: if you remove the wrong email-related records, you can cause delivery failures or increase the chance that your messages land in spam.

Two common real-world failure modes

• Website rebuilds: the web developer “cleans up DNS” and email breaks the next morning.
• Changing hosts: someone points the domain at a new provider, but forgets that the email system is separate.

If your business email is on Microsoft 365, this is exactly why the setup needs to be done properly and documented. You can start with the non-technical overview and checks in the Microsoft 365 Starter Kit.

5) “As long as it’s working today, it’s safe” (the slow-burn risks)

Some domain and DNS problems do not show up as outages. They show up later as avoidable stress.

Renewals and expiry risk

If you do not control renewals, you can lose the domain. That can mean email stops, websites go offline, and customers lose trust. It can also create a scramble to prove ownership and recover access.

Account recovery risk

If the registrar account recovery email is an old personal address, or the 2FA device belongs to a former supplier, you are one lost phone away from being locked out.

“One person knows it” risk

In small businesses, it’s common that one person has all the logins. That can work until they go on holiday, get sick, or leave the company.

What “good” looks like is boring:

• Business-owned registrar and DNS accounts.
• Two trusted admins with their own logins.
• 2FA set up in a way the business can recover.
• A simple internal note that lists: registrar, DNS host, and where email is hosted.

If you want to keep things stable as you grow, domain and DNS control should be treated as part of your core IT setup, not as a web project detail. If you are working towards a full “done properly” setup, you will usually also want to review your wider Microsoft 365 configuration. Pricing and tiers are here: SimpleBusinessIT pricing.

Summary

• Domains, DNS, website hosting, and email hosting are separate things. Mixing them up causes outages.
• Your business should own the registrar account and have reliable access to DNS editing.
• DNS changes can take time to settle because of caching and propagation, so do not panic-change things.
• Email is often the first thing to break when DNS is treated as “website only”.
• The safest setup is boring: documented, controlled, and recoverable.

FAQ

Is my domain “owned” by my registrar?

Your registrar is the company you register through, but the domain sits within a wider registry system. Practically, the key point is that you must control the registrar account and renewals.

How do I know who hosts my DNS?

Check which name servers your domain is using. Those name servers point to the DNS host that holds your records (the authoritative source).

How long do DNS changes take?

Some changes can appear quickly, but caches can keep old values around. Many providers advise planning for up to 24 to 48 hours for certain changes, especially name server changes.

Can changing my website break my email?

Yes. Email-related DNS records can be removed or overwritten during website or hosting changes if people treat DNS as “website only”.

Do I need to understand DNS records to run a small business?

No. You do need to understand ownership and access: who controls the registrar, who controls DNS, and what systems depend on it.

What’s the quickest way to reduce risk right now?

Make sure the domain registrar account is owned by the business, confirm who hosts DNS, and ensure at least two trusted people can access it with proper account recovery.