I got DNS report as following, now how can i link to scmad.com?? Thanks!
DNS Report for scmad.com
Generated by www.DNSreport.com
at 02:58:39 GMT on 19 May 2004.
Category Status Test Name Information
Parent PASS Missing Direct Parent check OK. Your direct parent zone exists, which is good. Some domains (usually third or fourth level domains, such as example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion.
INFO NS records at parent servers Your NS records at the parent servers are:
ns11.dr2.net. [184.108.40.206] [TTL=172800] [US]
ns12.dr2.net. [220.127.116.11] [TTL=172800] [US]
[These were obtained from m.gtld-servers.net]
PASS Parent nameservers have your nameservers listed OK. When someone uses DNS to look up your domain, the first step (if it doesn't already know about your domain) is to go to the parent servers. If you aren't listed there, you can't be found. But you are listed there, with 2 entries.
PASS Glue at parent nameservers OK. The parent servers have glue for your nameservers. That means they send out the IP address of your nameservers, as well as their host names.
NS INFO NS records at your nameservers Your NS records at your nameservers are:
PASS All nameservers report identical NS records OK. The NS records at all your nameservers are identical.
PASS All nameservers respond OK. All of your nameservers listed at the parent nameservers responded.
PASS Nameserver name validity OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names).
PASS Number of nameservers OK. You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7.
PASS Lame nameservers OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
PASS Missing (stealth) nameservers OK. All 2 of your nameservers (as reported by your nameservers) are also listed at the parent servers.
PASS Missing nameservers 2 OK. All of the nameservers listed at the parent nameservers are also listed as NS records at your nameservers.
PASS No CNAMEs for domain OK. There are no CNAMEs for scmad.com. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. Note that I only checked scmad.com, I did not check the NS records, which should not have CNAMEs either.
PASS No NSs with CNAMEs OK. There are no CNAMEs for your NS records. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
WARN Nameservers on separate class C's WARNING: All of your nameservers (listed at the parent nameservers) are in the same Class C (technically, /24) address space, which means that they are probably at the same physical location. Your nameservers should be at geographically dispersed locations. You should not have all of your nameservers at the same location. RFC2182 3.1 goes into more detail about secondary nameserver location.
PASS All NS IPs public OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays.
INFO Nameservers versions Your nameservers have the following versions:
WARN NS TTL discrepancy Warning: Your NS records at your authoritative DNS servers have TTLs that do not match what the parent servers report:
TTL for NS record ns12.dr2.net. is 172800 at parent versus 14400 at 18.104.22.168.TTL for NS record ns11.dr2.net. is 172800 at parent versus 14400 at 22.214.171.124.
In some cases, this can cause some serious problems. For example, if the parent servers have a 172800 second TTL (48 hours), and your authoritative DNS servers report a TTL of 3600 seconds (1 hour), you are saying that the parent DNS servers do not have the correct information. But, after 1 hour your DNS records may time out. At that point a DNS resolver will need to get fresh NS records. This can cause a serious problem in some cases.
PASS Stealth NS record leakage Your DNS servers do not leak any stealth NS records (if any) in non-NS requests.
SOA INFO SOA record Your SOA record [TTL=14400] is:
Primary nameserver: ns11.dr2.net.
Hostmaster E-mail address: root.echo5.1oftheservers.net.
Serial #: 2004020300
Default TTL: 86400
PASS NS agreement on SOA serial # OK. All your nameservers agree that your SOA serial number is 2004020300. That means that all your nameservers are using the same data (unless you have different sets of data with the same serial number, which would be very bad)! Note that the DNS Report only checks the NS records listed at the parent servers (not any stealth servers).
PASS SOA MNAME Check OK. Your SOA (Start of Authority) record states that your master (primary) name server is: ns11.dr2.net.. That server is listed at the parent servers, which is correct.
PASS SOA RNAME Check OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: firstname.lastname@example.org
. (techie note: we have changed the initial '.' to an '@' for display purposes).
PASS SOA Serial Number OK. Your SOA serial number is: 2004020300. This appears to be in the recommended format of YYYYMMDDnn, where 'nn' is the revision. For example, if you are making the 3rd change on 02 May 2000, you would use 2000050203. This number must be incremented every time you make a DNS change.
WARN SOA REFRESH value WARNING: Your SOA REFRESH interval is : 28800 seconds. This seems a bit high. You should consider decreasing this value to about 3600-7200 seconds. RFC1912 2.2 recommends a value between 1200 to 43200 seconds (20 minutes to 12 hours; 12 hours seems very high to us), although some registrars may limit you to 10000 seconds or higher, and if you are using DNS NOTIFY the refresh value is not as important (RIPE recommend 86400 seconds if using DNS NOTIFY). This value determines how often secondary/slave nameservers check with the master for updates. A value that is too high will cause DNS changes to be in limbo for a long time.
PASS SOA RETRY value OK. Your SOA RETRY interval is : 7200 seconds. This seems normal (about 120-7200 seconds is good). The retry value is the amount of time your secondary/slave nameservers will wait to contact the master nameserver again if the last attempt failed.
WARN SOA EXPIRE value WARNING: Your SOA EXPIRE time is : 3600000 seconds. This seems a bit high. You should consider decreasing this value to about 1209600 to 2419200 seconds (2 to 4 weeks). RFC1912 recommends 2-4 weeks. This is how long a secondary/slave nameserver will wait before considering its DNS data stale if it can't reach the primary nameserver.
PASS SOA MINIMUM TTL value OK. Your SOA MINIMUM TTL is: 86400 seconds. This seems normal (about 60 to 86400 seconds or 1-24 hours is good). RFC2308 suggests a value of 1-3 hours. This value used to determine the default (technically, minimum) TTL (time-to-live) for DNS entries, but now is used for negative caching.
MX INFO MX Record Your 1 MX record is:
0 scmad.com. [TTL=14400] IP=126.96.36.199 [TTL=14400] [US]
PASS Invalid characters OK. All of your MX records appear to use valid hostnames, without any invalid characters.
PASS All MX IPs public OK. All of your MX records appear to use public IPs. If there were any private IPs, they would not be reachable, causing slight mail delays, extra resource usage, and possibly bounced mail.
PASS MX records are not CNAMEs OK. Looking up your MX record did not just return a CNAME. If an MX record query returns a CNAME, extra processing is required, and some mail servers may not be able to handle it.
PASS MX A lookups have no CNAMEs OK. There appear to be no CNAMEs returned for A records lookups from your MX records (CNAMEs are prohibited in MX records, according to RFC974, RFC1034 3.6.2, RFC1912 2.4, and RFC2181 10.3).
PASS MX is host name, not IP OK. All of your MX records are host names (as opposed to IP addresses, which are not allowed in MX records).
WARN Multiple MX records WARNING: You only have 1 MX record. If your primary mail server is down or unreachable, there is a chance that mail may have troubles reaching you.
PASS Duplicate MX records OK. You do not have any duplicate MX records (pointing to the same IP). Although technically valid, duplicate MX records can cause a lot of confusion, and waste resources.
PASS Reverse DNS entries for MX records OK. The IPs of all of your mail server(s) have reverse DNS (PTR) entries. RFC1912 2.1 says you should have a reverse DNS for all your mail servers. It is strongly urged that you have them, as many mailservers will not accept mail from mailservers with no reverse DNS entry. The reverse DNS entries are:
188.8.131.52.in-addr.arpa echo5.1oftheservers.net. [TTL=28000]
Mail PASS Connect to mail servers OK: I was able to connect to all of your mailservers.
WARN Mail server host name in greeting WARNING: One or more of your mailservers may be claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). This probably won't cause any harm, but may be a technical violation of RFC821 4.3 (and RFC2821 4.3.1).
scmad.com claims to be host echo5.1oftheservers.net.
PASS Acceptance of NULL <> sender OK: All of your mailservers accept mail from "<>". You are required (RFC1123 5.2.9) to receive this type of mail (which includes reject/bounce messages and return receipts).
PASS Acceptance of postmaster address OK: All of your mailservers accept mail to email@example.com
(as required by RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1).
PASS Acceptance of abuse address OK: All of your mailservers accept mail to firstname.lastname@example.org
WARN Acceptance of domain literals WARN: One or more of your mailservers does not accept mail in the domain literal format (email@example.com). Mailservers are technically required RFC1123 5.2.17 to accept mail to domain literals for any of its IP addresses. Not accepting domain literals can make it more difficult to test your mailserver, and can prevent you from receiving E-mail from people reporting problems with your mailserver. However, it is unlikely that any problems will occur if the domain literals are not accepted.
scmad.com's firstname.lastname@example.org response:
>>> RCPT TO:<email@example.com>
<<< 501 : domain literals not allowed
PASS Open relay test OK: All of your mailservers appear to be closed to relaying. This is not a thorough check, you can get a thorough one here.
scmad.com OK: 550-test.dnsstuff.com (test.DNSreport.com) [184.108.40.206] is currently not 550-permitted to relay through this server. Perhaps you have not logged into 550-the pop/imap server in the last 30 minutes or do not have SMTP 550 Authentication turned on in your email client.
WWW INFO WWW Record Your www.scmad.com
A record is: www.scmad.com.
CNAME scmad.com. [TTL=14400]
scmad.com. A 220.127.116.11 [TTL=14400] [US]
PASS All WWW IPs public OK. All of your WWW IPs appear to be public IPs. If there were any private IPs, they would not be reachable, causing problems reaching your web site.
PASS CNAME Lookup OK. You do have a CNAME record for www.scmad.com,
which can cause some confusion. However, this is legal. Your CNAME entry also returns the A record for the CNAME entry, which is good -- otherwise, it would require an extra DNS lookup, which slightly delays the initial access to the website and use extra bandwidth. Note that if the CNAME points to another CNAME, it will likely cause problems.
Rows with a FAIL indicate a problem that in most cases really should be fixed.
Rows with a WARN indicate a possible minor problem, which often is not worth pursuing.
(C) Copyright 2000-2004 R. Scott Perry