Archive mensuelles: mars 2015

DMARC records

I’ve been working on optimizing the outgoing mail from my virtual server. This server has several virtual domains which send and receive mail as well. I’ve been using the service to check configurations, and I seem to be able to get 9 or 10 out of 10 on all my sites. However, there’s a warning that comes up about the DMARC record. The mail-tester advice is:

You do not have a DMARC record A DMARC policy allows a sender to indicate that their emails are protected by SPF and/or DKIM, and give instruction if neither of those authentication methods passes. Please be sure you have a DKIM and SPF set before using DMARC. You do not have a DMARC record, please add the following one to your domain

v=DMARC1; p=none

and my bind entry is: IN TXT « v=DMARC1;p=none »

Finally, a inspection does show a record matching what I put in bind. Does this look correct, or is there some nuance that I’m missing and isn’t explaining in a way that I see? Thanks!

Edit: To remove the obvious noob mistake question…no my bind entry does not actually say, it’s the actual name of the server used in the Errors-To, Sender, and Return-Path headers in the emails.

submitted by TheRealBeakerboy
[link] [comment]

Powered by WPeMatico

Curious random DNS queries

Hello, I did see a post ( similar to this, but it doesn’t seem to be the same case.

I get some random queries, but the frequency is way to low to be an attempt to a DDOS/DOS attack. Also, I thought that a « good » DNS amplification should be querying existing records (to ensure a « larger » response), not random, guaranteed to always return « No such name » responses.

My traffic is usually quite low; I get those about once a minute, grouped in ~5 queries from the same IP (probably spoofed, not always the same, but frequently from the range).

Some examples (domain has been changed to protect the innocent):

MZLUVOoN.MydOmAIn.Com (yes with randomized capitals)

RnMFgaSIYZXl.mYDoMaiN.COm – this one does look like some attempt to a DDOS, because I just saw the exact same query coming from 3 different networks almost at the same time (just once from each, though).

So what are they? Do you guys get those too?

(my server accepts no recursion and answers to those all with « No such name ». I’m considering dropping the recurrent ips on the firewall, but if they are spoofed, it may do more harm than good).


submitted by jsveiga
[link] [11 comments]

Powered by WPeMatico

Question on switching DNS and MX records

I apologize if this will sound stupid – I’m not exactly sure how to word my question…but here goes:

I have and its’ registered with GoDaddy. I have webspace with HostGator.

I want to keep with GoDaddy because that’s where our e-mail is set up, but point the domain towards HostGator for the

I know I have to use nameservers to accomplish this, but will changing name servers screw up my mail records?

Will I have to do anything special?

submitted by LE6940
[link] [3 comments]

Powered by WPeMatico