Return a default record for invalid requests (non existent domain).

Robert Messinger lists at mail.tiggee.com
Wed Sep 4 23:22:34 UTC 2002 


So does this mean I can return a default record?
I didn't want to create a zone file for each domain.

Can BIND do this?





On Thu, 5 Sep 2002 Mark_Andrews at isc.org wrote:

> 
> > 
> > Robert Messinger wrote:
> > 
> > > I have had many people throw their NS records on our DNS servers.
> > > Just to either park them or to kill off old links and requests.
> > >
> > > But since the domains do not exist on my nameserver they are
> > > getting slammed my these invalid requests (and I don't believe
> > > the negative response is cached since the domain does not exist).
> > >
> > > In BIND is it possible to return a default record for domains which
> > > do not exist on the system?  Is it even legal to give back an
> > > answer?  (I feel like sending everyone to a porn site or something.)
> > > It's bandwidth to our systems so I believe I can return whatever I want
> > > but I may be wrong here.  But there are over 500,000 invalid requests
> > > a day for some domains.
> > 
> > My opinion is: if someone points an NS to my nameserver, they are giving
> > me authority to return whatever I want for queries in that domain.
> > 
> > I don't know if the law agrees with me on this, though. I suspect that
> > there is a conspicuous lack of legal precedent in this area. Do you feel
> lucky?
> > 
> > 
> > - Kevin
> 
> 	Well registrars *should* be checking before changing NS
> 	records that the organization hosting the new nameservers
> 	approves of the change.  Make sure you havn't given blanket
> 	approval in the past.
> 
> 	You should complain the the registrar that approved the change
> 	without first verifying the change was valid.  You should get
> 	them to remove the offending NS records.
> 
> 	Note: it might take a law-suit or two before they all get
> 	the idea that blindly changing NS records to point to third
> 	party servers is wrong.  It would be nice to think that one
> 	wouldn't have to go down that path but I expect that it
> 	will need a test case given history.  Before going down
> 	this path be 100% sure that it is not your own screw up and
> 	consult a lawyer.
> 	
> 	Mark
> --
> Mark Andrews, Internet Software Consortium
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org
>

More information about the bind-users mailing list