Disabling DNS Recursion deactivates the server’s ability to perform DNS lookups for domains not already in its cache. Enabling this allows remote computers to use the server as its own DNS server, basically a public DNS server. This obviously has many security vulnerabilities.
To resolve this, we simply need to check a checkbox in the DNS Server options and ensure the network cards and SmarterMail is configured to use Private Network DNS Servers to perform any DNS lookups on the server’s behalf.
Network Card Properties
For each network card (Public & Private), go to the Properties and go to TCP/IP properties.
Ensure both DNS servers are set as follows:
- Primary DNS Server: 8.8.8.8
- Secondary DNS Server: 8.8.4.4
SmarterMail Configuration (if installed)
Log in as Admin.
Go to the Settings -> General Settings -> Server Info
Ensure both DNS servers are set as follows:
- Primary DNS Server: 8.8.8.8
- Secondary DNS Server: 8.8.4.4
DNS Server Properties
Open “Start > Administrative Tools > DNS“, and expand the Server node & the Forward Lookup Zones folder.
Right-click on the server name and choose Properties.
Click on the Advanced tab
Check the ‘Disable DNS Recursion‘ checkbox.
Click Apply/OK
Right-click on the server name and choose ‘Clear Cache‘.
Right-click on the server name, go to All Tasks, and choose ‘Restart‘.
Interested in letting our experts solve your IT problems for you?
Get a free, no-obligations consultation with one of our experts today!
