> From: Dave Warren <li...@hireahit.com> > Various online DNS diagnostic tools throw warnings,
Speaking of so called DNS diagnostic tools, one claims that my domains have DNS servers with "private" network addresses. My only guess is that they don't know the difference between IPv6 addresses and RFC 1918 addresses. On the other hand, maybe that was random FUD intended to drum up business, because they've stopped that nonsense in the last 3 days and without my changing anything. Another tool claims that ns3.isc-sns.info is "not sending glue" for one of my domains. That one is among the several that claim that having a single MX record is a defect instead of a feature in this century. (On today's Internet, where all SMTP clients from which you might want to receive mail can reach all of your SMTP servers at almost any time and do proper queuing for during very rare exceptions, one needs only one MX RR. Unless you want to load balance millions of messages per day among SMTP servers on multiple networks, you want a single a MX RR to avoid spam backscatter without having to synchronize your definition of "valid mailbox" at the distributed SMPT servers needed in the multiple-MX wisdom of the previous century....well, there is the exception of bogus MX RRs for trapping spam.) Then there is the supposed dire insecurity of answering `dig ch version.bind txt` Let's not forget the popular DNS checkers that claim my SMTP servers are open relays. Don't ask me about technical connections to DNS health in seeing whether an SMTP Rcpt_To command is answered with 250_Ok. The spammers who continually hit my SMTP servers with floods of checks of common holes in relay authentication and authorization evidently know that 250_Ok even at the end of a DATA command doesn't indicate that an SMTP server has relayed anything. There is a common thread among the bogus DNS health checks from outfits in the DNS help business and the worst domain registrars. Their sales stories are based on the notion that DNS, HTTP, SMTP, and the Internet in general are too complicated, dangerous, and generally scary for mere humans to handle, and so you'd better buy their patent medicine. On the other hand, good outfits simply sell competent services, perhaps including technical support, but always without acting like proverbial used car and computer saleslime. Vernon Schryver v...@rhyolite.com _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users