[TriLUG] DNS Questions / Help

Lisa C. Boyd leaseahb at gmail.com
Thu Mar 23 20:38:13 EST 2006


I have a client who is asking me to explain some warnings on a DNS 
Report. Can ya'll give me some easy to understand advice as to what 
these warning are or how to fix them?

--- Warning #1 ---
WARN	TCP Allowed	
WARNING: One or more of your DNS servers does not accept TCP 
connections. Although rarely used, TCP connections are occasionally used 
instead of UDP connections. When firewalls block the TCP DNS 
connections, it can cause hard-to-diagnose problems. The problem servers 
are:

This site is hosted on a shared virtual web host (like most) so I'm 
pretty sure we can ignore this warning because we have no control over 
the name servers.

--- Warning #2 ---
WARN	Mail server host name in greeting	
WARNING: One or more of your mailservers is claiming to be a host other 
than what it really is (the SMTP greeting should be a 3-digit code, 
followed by a space or a dash, then the host name). This probably won't 
cause any harm, but is a technical violation of RFC821 4.3 (and RFC2821 
4.3.1). Note that the hostname given in the SMTP greeting should have an 
A record pointing back to the same server.

I'm not sure we can do anything about this one either.

--- Warning #3 ---
WARN	SPF record	
Your domain does not have an SPF record. This means that spammers can 
easily send out E-mail that looks like it came from your domain, which 
can make your domain look bad (if the recipient thinks you really sent 
it), and can cost you money (when people complain to you, rather than 
the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was 
the target date for domains to have SPF records in place (Hotmail, for 
example, started checking SPF records on 01 Oct 2004).

This one I have no clue.

Thanks for any feedback you can give me :) as always!
Lisa B.



More information about the TriLUG mailing list