# -*- mmm-classes: donuts-perl -*-
# Copyright 2004-2007 SPARTA, Inc.  All rights reserved.
# See the COPYING file included with the DNSSEC-Tools package for details.
#
# This file checks for misc sanity checks
#


name: DNS_REASONABLE_TTLS
level: 8
class: Warning
# 60 seconds min
minttl: 60
help: minttl: minimum ttl value acceptable for a record
# 7 days max
maxttl: 604800
desc: Checks to see if reasonable TTL values (configurable) were chosen for all the records in a zone.
help: maxttl: maximum ttl value acceptable for a record
<test>
  return "Record has a TTL which is unreasonably small ( " . $_[0]->ttl
    . " < min: "
    . $_[1]->{'minttl'} . ")"
     if ($_[0]->ttl < $_[1]->{'minttl'});
  return "Record has a TTL which is unreasonably large ( " . $_[0]->ttl
    . " > max: "
    . $_[1]->{'maxttl'} . ")"
     if ($_[0]->ttl > $_[1]->{'maxttl'});
</test>

name: DNS_NO_DOMAIN_MX_RECORDS
level: 8
class: Warning
ruletype: name
desc: Checks to ensure that the zone contains at least 1 MX record.
<test>
   "At least one MX record for $current_domain is suggested"
      if ($_[2] eq $current_domain && $#{$_[0]->{'MX'}} == -1);
</test>
