The following are best practices from this chapter:
Use Windows 2000/2003 DNS or BIND 8.1.2 or higher to support SRV records.
Administrators should set up redundant name resolution servers in the event that one server fails.
Use caching-only DNS servers to help leverage load and minimize zone transfer traffic across WAN links.
Make any DNS implementations compliant with the standard DNS character set so that zone transfers are supported to and from non “Unicode-compliant DNS implementations , such as Unix BIND servers. This includes a “z, A “Z, 0 “9, and the hyphen (-) character.
Set up multiple MX records for all mail servers for redundancy. ISPs usually function as a secondary mail relay gateway for the hosted domain.
Always protect internal DNS servers and SMTP gateways by a firewall.