DNS Report

[marksalehouse]

I came across this site and tried it out

http://www.dnsstuff.com/

A couple of things were highlighted and I wonder if someone could explain them to me:

FAIL:
ERROR: Although you have at least 2 NS records, they both point to the same server, resulting in a single point of failure. You are required to have at least 2 nameservers per RFC 1035 section 2.2.

WARN:
WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location.

WARN:
Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).

Thanks,

Mark

[PsyCHZZZ]

hi marksalehouse,

I'm not a pro in all these but the first 2 errors that you get

FAIL:
ERROR: Although you have at least 2 NS records, they both point to the same server, resulting in a single point of failure. You are required to have at least 2 nameservers per RFC 1035 section 2.2.

WARN:
WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location.

is pretty common in a shared hosting environment. It just means that your primary and secondary DNS servers are actually pointing to the same physical server and might pose a problem if that ONE server goes down. There's no reason for panic on this one frankly cause it's really rare that a DNS server goes down for a long period of time (can't say the same for the webserver though :P)

As for this...

WARN:
Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).

SPF record is an optional thing... You can find out more about SPF here [http://en.wikipedia.org/wiki/Sender_Policy_Framework].

If you want to add an SPF record to your domain, all you gotta do is open a ticket to the support and requests for it. I had mine done up the last time I notice some spam mails originating from my domain name. SPF provides a certain level of protection against that.

Cheers~

[Alan B]

The first indicates that you have only one true nameserver. That is not ideal. If it's a hobby site, then that's fine. If it is a business site or a domain that depends on reliable e-mail, then that's bad. I always add multiple secondary nameservers, true separate nameservers, to improve the reliability of my shared hosting. The service I use also includes multiple backup mail servers, so if my WHB server is down, or overloaded, or if the datacentre is under DDOS attack, then the backup mail servers will receive the mail. Later, when the WHB server is available, the backup mail servers will deliver the mail to the WHB server. This way I don't lose important mail.

I would never run any of my important domains, or my clients' domains, on a single nameserver and single mail server.

[marksalehouse]

Interesting stuff. A bit too deep for me at the moment but thanks for all the help and pointers.

Mark