| Category | Status | Test Name | Information |
|---|---|---|---|
| Parent | PASS | Missing Direct Parent check | OK. Your direct parent zone exists, which is good. Some domains (usually third or fourth level domains, such as example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion. |
| INFO | NS records at parent servers | Your NS records at the parent servers are:fearow1.superonlinecorporate.com. [213.74.4.130] [TTL=172800] [TR] fearow2.superonlinecorporate.com. [213.74.4.131] [TTL=172800] [TR][These were obtained from m.gtld-servers.net] | |
| PASS | Parent nameservers have your nameservers listed | OK. When someone uses DNS to look up your domain, the first step (if it doesn't already know about your domain) is to go to the parent servers. If you aren't listed there, you can't be found. But you are listed there. | |
| PASS | Glue at parent nameservers | OK. The parent servers have glue for your nameservers. That means they send out the IP address of your nameservers, as well as their host names. |
| NS | INFO | NS records at your nameservers | Your NS records at your nameservers are:fearow2.superonlinecorporate.com.[213.74.4.131] [TTL=38400] fearow1.superonlinecorporate.com.[213.74.4.130] [TTL=38400] |
| PASS | Mismatched glue | OK. The DNS report did not detect any discrepancies between the glue provided by the parent servers and that provided by your authoritative DNS servers. | |
| PASS | No NS A records at nameservers | OK. Your nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records. | |
| PASS | All nameservers report identical NS records | OK. The NS records at all your nameservers are identical. | |
| PASS | All nameservers respond | OK. All of your nameservers listed at the parent nameservers responded. | |
| PASS | Nameserver name validity | OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names). | |
| PASS | Number of nameservers | OK. You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7. | |
| PASS | Lame nameservers | OK. All the nameservers listed at the parent servers answer authoritatively for your domain. | |
| PASS | Missing (stealth) nameservers | OK. All 2 of your nameservers (as reported by your nameservers) are also listed at the parent servers. | |
| PASS | Missing nameservers 2 | OK. All of the nameservers listed at the parent nameservers are also listed as NS records at your nameservers. | |
| PASS | No CNAMEs for domain | OK. There are no CNAMEs for perencodiy.com. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. | |
| PASS | No NSs with CNAMEs | OK. There are no CNAMEs for your NS records. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. | |
| WARN | Nameservers on separate class C's | WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location. | |
| PASS | All NS IPs public | OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays. | |
| INFO | Nameservers versions | Your nameservers have the following versions: 213.74.4.130: "9.2.1" 213.74.4.131: "9.2.1" | |
| PASS | Stealth NS record leakage | Your DNS servers do not leak any stealth NS records (if any) in non-NS requests. |
| SOA | INFO | SOA record | Your SOA record [TTL=38400] is:Primary nameserver: fearow2.superonlinecorporate.com. Hostmaster E-mail address: hostmaster.superonlinecorporate.com. Serial #: 20020736 Refresh: 10800 Retry: 3600 Expire: 604800 Default TTL: 38400 |
| PASS | NS agreement on SOA serial # | OK. All your nameservers agree that your SOA serial number is
20020736. That means that all your nameservers are using the same data
(unless you have different sets of data with the same serial number, which
would be very bad)! Note that the DNS Report only checks the NS records
listed at the parent servers (not any stealth servers). | |
| PASS | SOA MNAME Check | OK. Your SOA (Start of Authority) record states that your master (primary) name server is: fearow2.superonlinecorporate.com.. That server is listed at the parent servers, which is correct. | |
| PASS | SOA RNAME Check | OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: hostmaster@superonlinecorporate.com. (techie note: we have changed the initial '.' to an '@' for display purposes). | |
| WARN | SOA Serial Number | WARNING: Your SOA serial number is: 20020736. That is OK, but the recommended format (per RFC1912 2.2) is YYYYMMDDnn, where 'nn' is the revision. For example, if you are making the 3rd change on 02 May 2000, you would use 2000050203. This number must be incremented every time you make a DNS change. | |
| PASS | SOA REFRESH value | OK. Your SOA REFRESH interval is : 10800 seconds. This seems normal (about 3600-7200 seconds is good if not using DNS NOTIFY; RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours)). This value determines how often secondary/slave nameservers check with the master for updates. | |
| PASS | SOA RETRY value | OK. Your SOA RETRY interval is : 3600 seconds. This seems normal (about 120-7200 seconds is good). The retry value is the amount of time your secondary/slave nameservers will wait to contact the master nameserver again if the last attempt failed. | |
| PASS | SOA EXPIRE value | OK. Your SOA EXPIRE time: 604800 seconds. This seems normal (about 1209600 to 2419200 seconds (2-4 weeks) is good). RFC1912 recommends 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver. | |
| PASS | SOA MINIMUM TTL value | OK. Your SOA MINIMUM TTL is: 38400 seconds. This seems normal (about 3,600 to 86400 seconds or 1-24 hours is good). RFC2308 suggests a value of 1-3 hours. This value used to determine the default (technically, minimum) TTL (time-to-live) for DNS entries, but now is used for negative caching. |
| MX | INFO | MX Record | Your 1 MX record is: 5 mail.perencodiy.com. [TTL=38400] IP=195.33.204.130 [TTL=38400] [TR] |
| PASS | Invalid characters | OK. All of your MX records appear to use valid hostnames, without any invalid characters. | |
| PASS | All MX IPs public | OK. All of your MX records appear to use public IPs. If there were any private IPs, they would not be reachable, causing slight mail delays, extra resource usage, and possibly bounced mail. | |
| PASS | MX records are not CNAMEs | OK. Looking up your MX record did not just return a CNAME. If an MX record query returns a CNAME, extra processing is required, and some mail servers may not be able to handle it. | |
| PASS | MX A lookups have no CNAMEs | OK. There appear to be no CNAMEs returned for A records lookups from your MX records (CNAMEs are prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3). | |
| PASS | MX is host name, not IP | OK. All of your MX records are host names (as opposed to IP addresses, which are not allowed in MX records). | |
| WARN | Multiple MX records | WARNING: You only have 1 MX record. If your primary mail server is down or unreachable, there is a chance that mail may have troubles reaching you. | |
| PASS | Differing MX-A records | OK. I did not detect differing IPs for your MX records (this would happen if your DNS servers return different IPs than the DNS servers that are authoritative for the hostname in your MX records). | |
| PASS | Duplicate MX records | OK. You do not have any duplicate MX records (pointing to the same IP). Although technically valid, duplicate MX records can cause a lot of confusion, and waste resources. | |
| PASS | Reverse DNS entries for MX records | OK. The IPs of all of your mail server(s) have reverse DNS (PTR)
entries. RFC1912 2.1 says you should have a reverse DNS for all your mail
servers. It is strongly urged that you have them, as many mailservers will
not accept mail from mailservers with no reverse DNS entry. Note that this
information is cached, so if you changed it recently, it will not
be reflected here (see the http://www.dnsstuff.com/ for the
current data). The reverse DNS entries are:130.204.33.195.in-addr.arpa mail.perencodiy.com. [TTL=38400] |
| PASS | Connect to mail servers | OK: I was able to connect to all of your mailservers. | |
| PASS | Mail server host name in greeting | OK: All of your mailservers have their host name in the
greeting: mail.perencodiy.com: 220 perencodiy.com ESMTP Sendmail 8.11.6/8.11.6; Thu, 30 Jun 2005 13:33:31 +0300 | |
| PASS | Acceptance of NULL <> sender | OK: All of your mailservers accept mail from "<>". You are required (RFC1123 5.2.9) to receive this type of mail (which includes reject/bounce messages and return receipts). | |
| PASS | Acceptance of postmaster address | OK: All of your mailservers accept mail to postmaster@perencodiy.com (as required by RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1). | |
| PASS | Acceptance of abuse address | OK: All of your mailservers accept mail to abuse@perencodiy.com. | |
| INFO | Acceptance of domain literals | WARNING: One or more of your mailservers does not accept mail in the
domain literal format (user@[0.0.0.0]). Mailservers are technically
required RFC1123 5.2.17 to accept mail to domain literals for any of its
IP addresses. Not accepting domain literals can make it more difficult to
test your mailserver, and can prevent you from receiving E-mail from
people reporting problems with your mailserver. However, it is unlikely
that any problems will occur if the domain literals are not accepted
(mailservers at many common large domains have this problem).mail.perencodiy.com's postmaster@[195.33.204.130] response:
>>> RCPT TO:<postmaster@[195.33.204.130]>
<<< 550 5.7.1 | |
| PASS | Open relay test | OK: All of your mailservers appear to be closed to relaying. This is
not a thorough check, you can get a thorough one here. mail.perencodiy.com OK: 550 5.7.1 | |
| WARN | SPF record | Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004). |
| WWW | FAIL | WWW Category | ERROR: I couldn't find any A records for www.perencodiy.com. But I did find a referral to fearow2.superonlinecorporate.com. (and maybe others). If you want a website at www.perencodiy.com, you will need an A record for www.perencodiy.com. If you do not want a website at www.perencodiy.com, you can ignore this error. |