I'm a newbie at exchange and could use some assistance in making sure everything is working properly. I hate seeing failures and errors, i used http://www.dnsstuff.com/
and found some issues with my entry, can someone help me out?
We are also using a product called ActiveFax that send automated faxes and emails that is required for our business, the only thing we can do with it is to move to another machine, but it must remain.
Here is the actual report, http://www.dnsstuff.com/tools/dnsreport.ch?domain=automationsolutionsinc.com
FAIL Missing (stealth) nameservers FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The DNSreport will not query these servers, so you need to be very careful that they are working properly.
This is listed as an ERROR because there are some cases where nasty problems can occur (if the TTLs vary from the NS records at the root servers and the NS records point to your own domain, for example).
FAIL Missing nameservers 2 ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are:
FAIL Stealth NS record leakage Your DNS servers leak stealth information in non-NS requests:
Stealth nameservers are leaked [ns1.onecommunications.net
Stealth nameservers are leaked [ns2.onecommunications.net
Stealth nameservers are leaked [ns3.onecommunications.net
This can cause some serious problems (especially if there is a TTL discrepancy). If you must have stealth NS records (NS records listed at the authoritative DNS servers, but not the parent DNS servers), you should make sure that your DNS server does not leak the stealth NS records in response to other queries.
WARN SOA MNAME Check WARNING: Your SOA (Start of Authority) record states that your master (primary) name server is: ns1.onecommunications.net.
. However, that server is not listed at the parent servers as one of your NS records! This is legal, but you should be sure that you know what you are doing.
WARN Mail server host name in greeting WARNING: One or more of your mailservers is claiming to be a host other than what it really is (the SMTP greeting should be a 3-digit code, followed by a space or a dash, then the host name). If your mailserver sends out E-mail using this domain in its EHLO or HELO, your E-mail might get blocked by anti-spam software. This is also a technical violation of RFC821 4.3 (and RFC2821 4.3.1). Note that the hostname given in the SMTP greeting should have an A record pointing back to the same server. Note that this one test may use a cached DNS record.
claims to be non-existent host asidc01.AutomationSolution
: <br /> 220 asidc01.AutomationSolution
Microsoft ESMTP MAIL Service, Version: 6.0.3790.1830 ready at Wed, 28 Nov 2007 06:30:17 -0500 <br />
FAIL Acceptance of postmaster address ERROR: One or more of your mailservers does not accept mail to postmaster@automationsolut
m. Mailservers are required (RFC822 6.3, RFC1123 5.2.7, and RFC2821 4.5.1) to accept mail to postmaster.
spool.conversent.net's postmaster response:<br /> >>> RCPT TO:<postmaster@automations
c.com><br /> <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) <br /> asimail01.automationsoluti
's postmaster response:<br /> >>> RCPT TO:<postmaster@automations
c.com><br /> <<< 550 5.1.1 User unknown <br />
WARN Acceptance of abuse address WARNING: One or more of your mailservers does not accept mail to abuse@automationsolutionsi
nc.com. Mailservers are expected by RFC2142 to accept mail to abuse.
spool.conversent.net's abuse response:<br /> >>> RCPT TO:<abuse@automationsoluti
><br /> <<< 553 sorry, that domain isn't in my list of allowed rcpthosts (#5.7.1) <br /> asimail01.automationsoluti
's abuse response:<br /> >>> RCPT TO:<abuse@automationsoluti
><br /> <<< 550 5.1.1 User unknown <br />
FAIL Open relay test WARNING: One or more of your mailservers appears to be an open relay. If so, this means that you are allowing spammers to freely use the mailserver to send out spam! It is possible that your mailserver accepts all E-mail and later bounces it, or accepts the relay attempt and then deletes the E-mail, but this is not common.
appears to be an open relay: 250 2.1.5 Not.abuse.see.www.DNSreport.com.from.IP.18.104.22.168@DNSreport.com
WARN SPF record Your domain does not have an SPF record. This means that spammers can easily send out E-mail that looks like it came from your domain, which can make your domain look bad (if the recipient thinks you really sent it), and can cost you money (when people complain to you, rather than the spammer). You may want to add an SPF record ASAP, as 01 Oct 2004 was the target date for domains to have SPF records in place (Hotmail, for example, started checking SPF records on 01 Oct 2004).