diff --git a/lemur/dns_providers/util.py b/lemur/dns_providers/util.py
index cc8d9bb3..0fa84ac1 100644
--- a/lemur/dns_providers/util.py
+++ b/lemur/dns_providers/util.py
@@ -31,11 +31,11 @@ class DNSResolveError(DNSError):
 
 def is_valid_domain(domain):
     """Checks if a domain is syntactically valid and returns a bool"""
-    if len(domain) > 253:
-        return False
     if domain[-1] == ".":
         domain = domain[:-1]
-    fqdn_re = re.compile("(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]{1,63}(?<!-)\.?)+(?:[a-zA-Z]{2,})$)", re.IGNORECASE)
+    if len(domain) > 253:
+        return False
+    fqdn_re = re.compile("(?=^.{1,63}$)(^(?:[a-z0-9_](?:-*[a-z0-9_])+)$|^[a-z0-9]$)", re.IGNORECASE)
     return all(fqdn_re.match(d) for d in domain.split("."))
 
 
diff --git a/lemur/tests/test_dns_providers.py b/lemur/tests/test_dns_providers.py
index b8714a2d..83315be5 100644
--- a/lemur/tests/test_dns_providers.py
+++ b/lemur/tests/test_dns_providers.py
@@ -4,9 +4,20 @@ from lemur.dns_providers import util as dnsutil
 
 class TestDNSProvider(unittest.TestCase):
     def test_is_valid_domain(self):
-        self.assertTrue(dnsutil.is_valid_domain("example.com"))
-        self.assertTrue(dnsutil.is_valid_domain("foo.bar.org"))
-        self.assertTrue(dnsutil.is_valid_domain("_acme-chall.example.com"))
-        self.assertFalse(dnsutil.is_valid_domain("e/xample.com"))
-        self.assertFalse(dnsutil.is_valid_domain("exam\ple.com"))
-        self.assertFalse(dnsutil.is_valid_domain("*.example.com"))
+        self.assertTrue(dnsutil.is_valid_domain('example.com'))
+        self.assertTrue(dnsutil.is_valid_domain('foo.bar.org'))
+        self.assertTrue(dnsutil.is_valid_domain('exam--ple.io'))
+        self.assertTrue(dnsutil.is_valid_domain('a.example.com'))
+        self.assertTrue(dnsutil.is_valid_domain('example.io'))
+        self.assertTrue(dnsutil.is_valid_domain('example-of-under-63-character-domain-label-length-limit-1234567.com'))
+        self.assertFalse(dnsutil.is_valid_domain('example-of-over-63-character-domain-label-length-limit-123456789.com'))
+        self.assertTrue(dnsutil.is_valid_domain('_acme-chall.example.com'))
+        self.assertFalse(dnsutil.is_valid_domain('e/xample.com'))
+        self.assertFalse(dnsutil.is_valid_domain('exam\ple.com'))
+        self.assertFalse(dnsutil.is_valid_domain('<example.com'))
+        self.assertFalse(dnsutil.is_valid_domain('*.example.com'))
+        self.assertFalse(dnsutil.is_valid_domain('-example.io'))
+        self.assertFalse(dnsutil.is_valid_domain('example-.io'))
+        self.assertFalse(dnsutil.is_valid_domain('example..io'))
+        self.assertFalse(dnsutil.is_valid_domain('exa mple.io'))
+        self.assertFalse(dnsutil.is_valid_domain('-'))