Operations | Monitoring | ITSM | DevOps | Cloud

The Start of Authority record is the first record in any DNS zone file. It's the record that says "this zone exists, this is the primary nameserver in charge, and here are the timing rules that govern how this zone behaves." A full SOA record looks like this when you query it: Each of those numbers does something different. The one that triggered your warning is the Expire value, the fourth number. In this example, 1209600 seconds, which is exactly 14 days.

When your mail server connects to a recipient server to deliver email, the very first thing it does after the TCP connection is established is introduce itself. That introduction happens through the EHLO command (or its older predecessor HELO), and it looks like this: That hostname in the EHLO line is your SMTP banner. It is what your server claims to be.

DNS Check now supports monitoring CAA records. A CAA record (Certification Authority Authorization record) tells public certificate authorities (CAs) which of them, if any, are allowed to issue TLS/SSL certificates for your domain. Public CAs have been required to honor these records since 2017, so CAA records act as an access control list for certificate issuance.

It's 2026, and DNS Check now has a dark mode. Yes, we noticed the year. Better late than dazzling our users at 2 a.m. when an MX record decides to misbehave.

DNS Spy now goes well beyond DNS record monitoring. We've shipped SSL certificate discovery and security auditing, expanded the Security Center to 40+ automated checks across six categories, and built expiration tracking for both domains and SSL certificates — with tiered alerts so nothing expires without warning.

DNS Check now supports two features for Enterprise accounts that make it easier to work as a team: Team Members and Additional Email Recipients. Team Members lets multiple people log in and work with your DNS records using their own credentials. Additional Email Recipients sends notification emails to people who need to stay informed but don't need to log in.

On March 25, 2026, the Internet Systems Consortium (ISC) released patches for three vulnerabilities in BIND 9, the most widely deployed DNS server software in the world. The headline flaw — CVE-2026-1519 — carries a CVSS score of 7.5 and is remotely exploitable with no authentication required. An attacker who controls a maliciously crafted DNS zone can trigger the vulnerability by forcing a BIND resolver to process excessive NSEC3 iterations during DNSSEC validation of an insecure delegation.

You can now monitor DNS records directly from Hyperping. DNS issues are often invisible until your users start complaining. With DNS monitoring, Hyperping checks that your records resolve correctly from multiple locations and alerts you the moment something goes wrong. Head to your monitors dashboard to create a DNS monitor. You can also manage DNS monitors via the API. Questions? Reach out via in-app chat or email us at hello@hyperping.io.

Your domain is on a spam blocklist. Password reset emails aren't arriving, order confirmations land in spam, and customers are complaining that "your site doesn't work." By the time you hear about it, the damage has been building for days. We've shipped DNS blocklist monitoring to catch this early. Oh Dear now checks your domain against 11 major blocklists and notifies you the moment you're listed, with direct links to get removed.