homepage Welcome to WebmasterWorld Guest from 54.205.228.154
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe to WebmasterWorld
Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
Forum Library, Charter, Moderators: LifeinAsia & httpwebwitch

Professional Webmaster Business Issues Forum

    
DNS Report
Hurry, run one now!
pageoneresults




msg:789817
 9:21 pm on Sep 8, 2004 (gmt 0)

When was the last time you ran a DNS Report [dnsreport.com] for your sites?

Hurry, run one now and verify that you have no Warnings and/or Failures.

Warnings may not be too big of an issue although we did find one this morning that is now causing issues with GoDaddy email users.

Failures should be addressed immediately.

Let us know what types of Warnings and/or Failures you run into so everyone viewing this topic has an understanding of what the DNS Report is telling them.

P.S. We've had a few complaints from email users on our email system. Their emails were being rejected by GoDaddy email servers as Spam in the past 7-10 days. This just started happening and we are going to assume that GoDaddy made some changes on their end. The Warning was due to a conflicting host name in the HELO settings for the mail servers.

P.S.S. One of the warnings you may see with your mailservers is this one...

Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record before October 1, 2004, the target date for domains to have SPF records in place.

We are now working on adding SPF records to all zone files as suggested by the DNS Report. If you have an SPF Warning in the report, there will be a link to a resource where you can automatically generate an SPF record based on a series of questions. You then paste the SPF Text into your zone file for each domain.

 

pleeker




msg:789818
 9:29 pm on Sep 8, 2004 (gmt 0)

Got the SPF warning, yes. Also got warnings for:

* Nameservers on separate class C's
* SOA Serial Number
* SOA REFRESH value
* Multiple MX records
* Acceptance of domain literals

Very interesting. I don't "live" in this server config / DNS world and don't even visit it much, but this is educational. Thanks por.

mattglet




msg:789819
 9:47 pm on Sep 8, 2004 (gmt 0)

* Nameservers on separate class C's

* SOA EXPIRE value

* Multiple MX records (you only have 1)

* Mail server host name in greeting

* Acceptance of abuse address

* SPF record

If anyone has any tips as to how serious these could be, I'm all ears. The only one I understand is the abuse address, I'll fix that now :)

pageoneresults




msg:789820
 12:22 am on Sep 9, 2004 (gmt 0)

SPF Records [spf.pobox.com]

SPF = Sender Policy Framework

This is one that everyone should pay attention to. Come 2004 October, there will be many who will be using an SPF checking utility with email. If you do not have an SPF Record, chances are your email will be flagged as spam at the recipients end. Each domain will be required to have an SPF Record.

pageoneresults




msg:789821
 12:56 am on Sep 9, 2004 (gmt 0)

Multiple MX records (you only have 1)

This means that if your primary email goes down (the 1 MX record), you will not receive any email until it comes back up. I believe your outgoing mail server will keep those undeliverable emails in the queue for a period of 24 hours before sending you a failed mail message. It will attempt to resend the message(s) during that 24 hour period.

If you have a backup MX record (2 MX records), this enables you to capture any emails that may be in a queue waiting to be sent due to the primary MX record being down.

pageoneresults




msg:789822
 12:59 am on Sep 9, 2004 (gmt 0)

Nameservers on separate class C's

This means that the Nameservers are on different Class C's and are not on the same Class C. If the primary DNS goes down, the secondary DNS will come into play. If both DNS are on the same Class C, this means downtime for the site. If you have NS1 pointing to one DNS and NS2 pointing to another DNS on a different Class C, you have backup.

P.S. I think I described the above correctly. Please, if you see anything wrong with my explanations, don't hesitate to correct me. ;)

Very interesting. I don't "live" in this server config / DNS world and don't even visit it much, but this is educational.

I don't either but I've had to learn so that I can fully understand what the heck is going on with all aspects of the websites that I build and/or maintain. There are so many things that can cause grief for a search engine marketeer from the server level. If you are not aware of those things, there will be major stress in your life. ;)

iProgram




msg:789823
 9:34 am on Sep 9, 2004 (gmt 0)

FAIL Missing (stealth) nameservers
FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNS Report will not query these servers, so you need to be very careful that they are working properly.

ns2.theplanet.com.ns1.theplanet.com.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

FAIL Missing nameservers 2
ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
ns1.servermatrix.com.
ns2.servermatrix.com.

FAIL Stealth NS record leakage
Your DNS servers leak stealth information in non-NS requests:

Stealth nameservers are leaked [ns2.theplanet.com.]!
Stealth nameservers are leaked [ns1.theplanet.com.]!

This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not leak the stealth NS records in response to other queries.

FAIL Acceptance of postmaster address
ERROR: One or more of your mailservers does not accept mail to postmaster@da-da-da-da.com. Mailservers are required (RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1) to accept mail to postmaster.

stuntdubl




msg:789824
 1:49 pm on Sep 9, 2004 (gmt 0)

Great resource pageoneresults. Thank you very much. It is very enlightening for someone like myself who also doesn't "live" in the server world. Like they say..."the devil is in the details", and details often get overlooked when someone thinks there is no one looking over their work;)

zulufox




msg:789825
 3:21 pm on Sep 9, 2004 (gmt 0)

FAIL Missing (stealth) nameservers FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNS Report will not query these servers, so you need to be very careful that they are working properly.

ns3.<hostingcompany>.com

This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

Any help with this?

As per my hosting companies instructions I set my nameserver for my domain name register (different company) to ns1.<hostingcompany>.com and ns2.<hostingcompany>.com.

BeeDeeDubbleU




msg:789826
 7:14 am on Sep 10, 2004 (gmt 0)

I'm getting an error ...

[ERROR: Timed out getting NS data from parent server]

when I try to run the DNS report. Is anyone else getting this?

jam13




msg:789827
 9:04 am on Sep 10, 2004 (gmt 0)

I'm getting an error ...

Me too :(

Not a problem with my domain either - tried microsoft.com and got the same error.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved