Operations | Monitoring | ITSM | DevOps | Cloud

When your mail server connects to a recipient server to deliver email, the very first thing it does after the TCP connection is established is introduce itself. That introduction happens through the EHLO command (or its older predecessor HELO), and it looks like this: That hostname in the EHLO line is your SMTP banner. It is what your server claims to be.

The Start of Authority record is the first record in any DNS zone file. It's the record that says "this zone exists, this is the primary nameserver in charge, and here are the timing rules that govern how this zone behaves." A full SOA record looks like this when you query it: Each of those numbers does something different. The one that triggered your warning is the Expire value, the fourth number. In this example, 1209600 seconds, which is exactly 14 days.

DNS Spy now goes well beyond DNS record monitoring. We've shipped SSL certificate discovery and security auditing, expanded the Security Center to 40+ automated checks across six categories, and built expiration tracking for both domains and SSL certificates — with tiered alerts so nothing expires without warning.

On March 25, 2026, the Internet Systems Consortium (ISC) released patches for three vulnerabilities in BIND 9, the most widely deployed DNS server software in the world. The headline flaw — CVE-2026-1519 — carries a CVSS score of 7.5 and is remotely exploitable with no authentication required. An attacker who controls a maliciously crafted DNS zone can trigger the vulnerability by forcing a BIND resolver to process excessive NSEC3 iterations during DNSSEC validation of an insecure delegation.

DNS Spy now offers complete brand protection with WHOIS History & Monitoring and Phishing Sentinel—automatically tracking domain registration changes and detecting phishing variants before they become security incidents.

On October 20, 2025, much of the internet came to a halt. Apps wouldn’t load. Payments failed. Cloud dashboards went dark. From Fortnite to Alexa, Snapchat, and countless business platforms, users across the world were suddenly offline — all because DNS broke inside Amazon Web Services’ (AWS) US-East-1 region.

Most clients don’t care how DNS works—until it breaks. But as an MSP, you know the damage a single DNS misconfiguration or unnoticed change can cause. So how do you prove the ROI of DNS monitoring to clients who don't speak in TTLs or CNAMEs? Here’s how to bridge the gap between technical benefits and business value—so your clients understand exactly why they’re paying for DNS protection.

DNS is one of the most important and most overlooked layers in your client’s infrastructure. As an MSP, you’re often the one who gets blamed when something breaks—whether you control the DNS or not. And while many DNS problems are silent, their consequences are loud: email failures, website outages, and frustrated clients. This DNS security checklist will help you proactively identify and fix DNS risks across all your client domains.

Most MSPs don’t advertise DNS monitoring as a service—but they should. Why? Because when DNS goes wrong, your client won’t blame their registrar or email provider. They’ll blame you. And the worst part? You probably didn’t know anything had changed until the problem reached your inbox.

When something goes wrong in a client’s infrastructure, MSPs are expected to fix it—fast. But there’s one area most teams still overlook, and it’s often the first point of failure: DNS. Misconfigured DNS doesn’t always break things immediately. It’s subtle. It lingers. And when it finally causes an outage, broken email, or a security issue, it’s often too late. Here are the DNS misconfigurations MSPs can’t afford to ignore—and what to do about them.