On Wed, Apr 16, 2014 at 11:56 AM, <Valdis.Kletnieks@vt.edu> wrote:
On Wed, 16 Apr 2014 10:21:34 -0600, Steven Briggs said:
Yeah...I know. Unfortunately, the domain was "mishandled" by our registrar, who imposed their own TTLs on our zone, THEN turned it back over to us with a 48HR TTL. Which is very bad.
That's almost calling for a name-and-shame.
It's not hard to use WHOIS to lookup the registrar of each of the nameservers for proofpoint.com (ns1.proofpoint.us, ns3.proofpoint.us). Long TTLS are appropriate for a production zone, but in my estimation, it is improper for a registrar to impose or select by default a TTL longer than 1 hour, for a newly published or newly changed zone. The TTL can and should be reasonably low initially and automatically increased gradually over time, only after the zone has aged with no record changes and confidence is increased that the newly published zone is correct. -- -JH