When I run the dnsreport tool located at http://dnsreport.com on domains
hosted on our BQ servers, I get the following error in the report:
"ERROR: One or more of your nameservers reports that it is an open DNS
server. This usually means that anyone in the world can query it for domains
it is not authoritative for (it is possible that the DNS server advertises
that it does recursive lookups when it does not, but that shouldn't happen).
This can cause an excessive load on your DNS server. Also, it is strongly
discouraged to have a DNS server be both authoritative for your domain and
be recursive (even if it is not open), due to the potential for cache
poisoning (with no recursion, there is no cache, and it is impossible to
poison it). Also, the bad guys could use your DNS server as part of an
attack, by forging their IP address. Problem record(s) are:"
How can I fix this? Or should I just ignore the error?
- Ernie.