[SOLVED] Problems receiving mail with Zimbra

[jsr]

all i need it for is zimbra indeed.
but as a knowledge hunter i will ust dive into the world of DNS

[jdp459]

Not really related to Zimbra, but DNS has historically been difficult to secure. Being just a few months behind on "source" BIND patches can get you hacked. Also, in the next year or so, there will likely be huge DNS changes towards DNSSEC. DNSSEC Home Page May 2009

If your DNS is available from the outside world, be certain you take the required steps and perform constant maintenance. Even internally, I'd run BIND chroot'd, that is, if I had to actually run BIND. BIND9 has much better security than prior versions, which is nice.

[phoenix]

Quote:

Originally Posted by jdp459

Not really related to Zimbra, but DNS has historically been difficult to secure. Being just a few months behind on "source" BIND patches can get you hacked. Also, in the next year or so, there will likely be huge DNS changes towards DNSSEC. DNSSEC Home Page May 2009

If your DNS is available from the outside world, be certain you take the required steps and perform constant maintenance. Even internally, I'd run BIND chroot'd, that is, if I had to actually run BIND. BIND9 has much better security than prior versions, which is nice.

You could actually install a DNS server that doesn't suffer from the problems that BIND has, try using PowerDNS Server & Recursion.