On 2007-02-22, Ploc Plikoplok <plub2006@acampado.net> wrote:
J'ai fait un petit test avec dnsreport.com. Il s'avère que Gandi passe avec brio tous les tests de dnsreport.com SAUF 2 ! Vous pouvez améliorer les choses ou nous expliquer pourquoi ces tests échouent ?
Eh non, ils n'échouent pas, il s'agit de warnings (ie. pas d'erreurs) :)
WARN Single Point of Failure WARNING: Although you have at least 2 NS records, there is a chance that they may both point to the same server (one of our two tests shows them being different, the other is unsure; it appears that there are one or more firewall(s) that intercept and alter DNS packets (some versions of Linux reportedly have a built-in firewall that does this, too)), which would result in a single point of failure. You are required to have at least 2 nameservers per RFC 1035 section 2.2.
Nos 3 serveurs DNS "publics" (a, b, et c .dns.gandi.net) sont servis actuellement par 5 machines, tout ça sur 3 sites différents, ce qui est un bon début pour la redondance. L'étape d'après, que nous envisageons, sera d'ajouter un autre serveur DNS en dehors de notre réseau.
WARN SPF record Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).
Ça, c'est à mettre dans chaque zone, donc à la discretion du client. (c'est un record de type "TXT" sur le label du nom de domaine)
\o/ Stephane / Tuf G GANDI