BIND, one of the most popular DNS servers on the Internet, can be found as the default DNS server for many Linux and UNIX distributions. As such, it is important to determine how to handle zone transfers on that platform as well.

BIND’sprimary configuration takes places in the /etc/named.conf file for BIND 8 and 9 (/etc/named.boot for BIND 4, which you should consider upgrading if you are still running). This is a text file with a number of directives that control how BIND will respond to various situations. BIND’s default configuration, like Win2K’s and WinNT’s, allows a zone transfer to take place from anywhere.

To secure your BIND server, you must open the /etc/named.conf (or /etc/named.boot) file in a text editor and find the line marked “allow-transfer { any; };” which indicates that any IP address is allowed to get zone information. In this example, I want to allow zone transfers to take place only between my Red Hat 8 server, my Windows NT server with IP address 192.168.1.4, and another server with IP address 172.16.1.5. Therefore, I will change the allow-transfer line to read like the following:

allow-transfer{192.168.1.4; 172.16.1.5; };

Zoneedit allows you to restrict zone transfers to specific IPs under its Security Settings. This is extremely useful if you do not wish to disclose more information about your pointing.

Zone Transfer

See, submission are sent to you by email. What if the email agent used by your online form is not working as expected? Will you be informed if the email was not sent successfully? As online forms taking care of all the important sales conversion, it is important for you to understand how it works.

Using built-in SMTP

If your website is hosted in a Linux server (you can tell if your website ends with .php, in most case), changes you are using Sendmail as the email agent of your online forms. Sendmail do trigger Error message if a message failed to deliver for some reasons. Anyway, the messages will go to the administrator of the server, not you – most of the time.

Another problem with build-in SMTP server is, when your web hosting and email hosting are in the same server. Your web form will most likely ‘smart’ enough to route the submission of online forms to your mailbox. This will cause problem if you have some changes to your Mail Exchange pointing.

Using external SMTP

Just imagine the online form is now your email clients, such as Outlook Express. Everytime, an enquiry waiting to be delivered to you, your online form will connect to a specified SMTP, authorized as usual, and get the message delivered to you. You will have more control in this case, and your email hosting service provider will most likely provide you some status report for the uptime of your email server.

DNS is important. A good one log you into your server without delay, resolving your web address in your web browser quicker! Yet, our local ISPs never seem to take care of this seriously. Your router, computers, servers around you require a pair of reliable DNS servers.

Change your DNS now:

1) In your Router

Enable OpenDNS in your router so every computer benefits. The OpenDNS website is kind enough to list every model of router and guide you through the process. Stop using the famous Streamyx’s DNS servers (202.188.0.133 & 202.188.1.5).

2) In your Computer

If you’re connecting to Internet directly without a router, you can enter OpenDNS’s DNS servers into your computer, instead of using ‘obtain DNS server address automatically’. This also applies to those on Wireless broadband such as Celcom and Maxis 3G, etc.

3) In your Server

For example, if you have Linux installed in your server, include OpenDNS’s DNS servers to /etc/resolv.conf. I’m using TM’s DNS earlier and my dig and host command stop responding when TM’s DNS server decided to go teh tarik…

About OpenDNS

From the way how OpenDNS manage their website, showing the uptime of their globally loacated servers – rest assure this is the last time to change your DNS!