ISPConfig box and DNSstuff.com report

Discussion in 'General' started by cybereatl, Dec 1, 2006.

  1. cybereatl

    cybereatl Member

    Hi folks,

    I have checked a domain name on my ISPConfig server on a portal referred by a hosting company and I've found out there are 8 issues:

    1. Open DNS servers: ERROR: One or more of your nameservers reports that it is an open DNS server. This usually means that anyone in the world can query it for domains it is not authoritative for (it is possible that the DNS server advertises that it does recursive lookups when it does not, but that shouldn't happen). This can cause an excessive load on your DNS server. Also, it is strongly discouraged to have a DNS server be both authoritative for your domain and be recursive (even if it is not open), due to the potential for cache poisoning (with no recursion, there is no cache, and it is impossible to poison it). Also, the bad guys could use your DNS server as part of an attack, by forging their IP address. Problem record(s) are:

    Server xxx.xx.xxx.204 reports that it will do recursive lookups. [test] Server xxx.xx.xxx.204 reports that it will do recursive lookups. [test] See this page for info on closing open DNS servers.

    2. Nameserver name validity ERROR: One or more of the NS records that your nameservers report are invalid:
    xxx.xx.xxx.204. is not a valid host name (it must be a host name, not an IP address)

    3. Number of nameservers ERROR: You have 2 nameservers, but both are on the same IP! This is not a valid setup. You are required to have at least 2 nameservers, per RFC 1035 section 2.2.

    4. Missing (stealth) nameservers FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNS Report will not query these servers, so you need to be very careful that they are working properly.
    xxx.xx.xxx.204.

    This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).

    5. Missing nameservers 2 ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
    ns1.onedomain.info.
    ns2.onedomain.info.

    6. Stealth NS record leakage Your DNS servers leak stealth information in non-NS requests:

    Stealth nameservers are leaked [xxx.xx.xxx.204.]!

    This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not leak the stealth NS records in response to other queries.

    7. MX Category ERROR: I couldn't find any MX records for asesoriasit.net. If you want to receive E-mail on this domain, you should have MX record(s). Without any MX records, mailservers should attempt to deliver mail to the A record for asesoriasit.net. I can't continue in a case like this, so I'm assuming you don't receive mail on this domain.

    8. Connect to mail servers ERROR: I could not find any mailservers for domain.net.

    Please let me know some hints. That doesn't mean the server is not working; all features are running just fine. I'm just concerned about those results.

    Kind regards,
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    1) http://www.howtoforge.com/forums/showpost.php?p=44486&postcount=2
    2) Make sure you use a domain (FQDN) and not an IP address as nameserver.
    3) No problem.

    Correct 2) and most of the other problems will disappear too.

    7) Create an MX record for the domain. Make sure you leave the hostname field empty.
    8) is solved when 7 is solved.
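
The static items of the report above (2, 3, 4, 5 and 7) can be re-checked offline. This is an added example, not part of the thread; it shows why pointing the NS records at host names clears items 4 and 5 along with item 2. The `audit` helper, the 192.0.2.204 address (standing in for the masked one) and the MX target are constructed for illustration; the ns1/ns2 names are the ones in the report.

```python
import ipaddress

def is_ip_literal(name):
    """True if an NS target is an IP address rather than a host name."""
    try:
        ipaddress.ip_address(name.rstrip("."))
        return True
    except ValueError:
        return False

def audit(parent_ns, zone_ns, addresses, mx):
    """Return the report item numbers that fail for this delegation.

    parent_ns: NS names listed at the parent (registry) servers
    zone_ns:   NS record targets served by the zone's own nameservers
    addresses: host name -> IP address of each nameserver
    mx:        MX targets published for the domain
    """
    parent = {n.lower() for n in parent_ns}
    zone = {n.lower() for n in zone_ns}
    failed = set()
    if any(is_ip_literal(n) for n in zone):
        failed.add(2)                      # NS target is not a host name
    if len(parent) >= 2 and len({addresses[n] for n in parent}) < 2:
        failed.add(3)                      # every nameserver on one IP
    if zone - parent:
        failed.add(4)                      # stealth: in zone, not at parent
    if parent - zone:
        failed.add(5)                      # at parent, missing from zone
    if not mx:
        failed.add(7)                      # no MX record
    return failed

# Constructed sample data: 192.0.2.204 stands in for the masked address.
PARENT_NS = ["ns1.onedomain.info.", "ns2.onedomain.info."]
ADDRESSES = {name: "192.0.2.204" for name in PARENT_NS}

def before_fix():
    # Zone as reported: the NS record points at an IP, and there is no MX.
    return audit(PARENT_NS, ["192.0.2.204."], ADDRESSES, [])

def after_fix():
    # NS records now use the host names known to the parent; MX added.
    return audit(PARENT_NS, PARENT_NS, ADDRESSES, ["mail.example.net."])

if __name__ == "__main__":
    print("before:", sorted(before_fix()))
    print("after: ", sorted(after_fix()))
```

Item 3 stays flagged after the change because both names still resolve to one address; items 1 and 6 depend on how the live server answers queries and are not covered here.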
     
  3. edge

    edge Active Member Moderator

    Question: Why are you masking your IP, but still showing your domain name at point 7?
     
