[dns-operations] Shameless plug for our Zonecheck software (Was: af.mil DNS issue

John Payne john at sackheads.org
Sat Jul 1 18:07:06 UTC 2006

On Jul 1, 2006, at 2:01 PM, Patrik Fältström wrote:

> On 1 jul 2006, at 17.46, John Payne wrote:
>> Couple of comments here too...
> Of course :-)
>> Is it necessary to try each MX for EVERY nameserver?    24  
>> attempts to get mail to an SOA email address seems excessive.
> This is a known issue.
> Of course it should only try each combination of email address and  
> RDATA in MX once. It only tries once if the SMTP connection works.
>> Also, if you're going to be reporting mail failures, you really  
>> should learn the difference between tempfail (like in the case of  
>> greylisting) and real failures.
> Yeah..., I just saw this. Not earlier a known bug...but now it is.  
> Thanks!
> What do you think the correct solution is?
> Say ok for 4xx errors, and only say "bad" on 5xx?

I'd say "unable to verify" or something.  Tempfail is neither an  
indication of it being ok or bad.
I'd also question the validity of doing this check at all... as the  
only places I've seen that email address field looked at are in zone  
checkers.  Most people would just use whois for contact information.

>> I think zonecheck only tried each MX once, but still didn't grok  
>> tempfail.
>> And this is aimed at zonecheck, I have issues with a _DNS_ checker  
>> running open relay tests...
> A test on nameserver <-> AS relationship is currently turned off,  
> but will be turned on when the new version is ready.

What is the purpose of that test?

More information about the dns-operations mailing list