January 10th, 2002, 06:49 PM
SOA and MX
I was told my SOA and MX are highly misconfigured
what should I do ?
Got Debian Linux?
January 10th, 2002, 07:23 PM
Because serriaweb.com (your host) doesn't have a clue what DNS is. Should you continue to host with them, your site(s) will suffer timeouts, unreachable or the like errors.
First off, their DNS is misconfigured.
# dnsqr soa sierraweb.com
78 bytes, 1+1+0+0 records, response, noerror
query: 6 sierraweb.com
answer: sierraweb.com 3600 SOA sierraweb.com hostmaster.sierraweb.com 1806903785 1800 300 172800 3600
- sierraweb.com is NOT FQDN.
- SOA is not the one in bold above (sierraweb.com). It should be ns1.sierraweb.com.
- ns1.sierraweb.com resolves to 18.104.22.168, which has a broken reverse. As a host, you must have a working reverse.
dnsname 22.214.171.124 returns nothing.
- MX with a broken reverse is extremely bad as a host.
# dnsmx sierraweb.com
smtp.sierraweb.com has the same IP as ns1.sierraweb.com. To have a more reliable MX, they need to change smtp.sierraweb.com to ns1.sierraweb.com. Anyhow, their reverse is broken, so don't host with them.
Now let's check your zone record:
# dnsqr soa susquenita.com
89 bytes, 1+1+0+0 records, response, noerror
query: 6 susquenita.com
answer: susquenita.com 43200 SOA susquenita.com hostmaster.sierraweb.com 2840239817 3600 1800 1209600 43200
- The SOA for your domain must be ns1.sierraweb.com so the authority
can be traced to the roots.
# dnsmx susquenita.com
- Each MX should be known by ONE FQDN that gives you the fastest DNS lookup, when multiple FAQNs resolve to the same IP. So whatever FQDN of xxx.susquenita.com has the highest preference, set your MX to it. You also can set your MX to skeasor.static.pa.net for more reliability.
Do the same for your other domain. There are more misconfiguration but they are minor and I am not going to spend more time to point those out here.
January 10th, 2002, 08:14 PM
you know your stuff...
You really know your stuff about this whole networking business. How long have you been studying ?
Got Debian Linux?
January 10th, 2002, 09:27 PM
Been working for years.
Actually DNS is a rather simple protocol but too many dnsadmins are just clueless. I believe at least 30% of DNS servers on the net are misconfigured in some ways. Who should they blame that on? BIND developers.