it would be nice if NXDOMAIN zonoes could be configured

Mark Andrews Mark_Andrews at
Thu Jan 18 00:05:00 UTC 2007

> there's at least two situations when I'd like to be able to 
> add a zone, but instead of using a zone file have bind
> return an (authoritative) NXDOMAIN
> 1) for domains involved in phishing and other nefarious
>    purposes. This is to protect hosts on our network.
>    At present we use an empty zone, but in some ways it
>    would be nicer if NXDOMAIN was returned
> 2) for domains which represent unwanted delegations, e.g.
>    belonging to ex-clients who are no longer interested in
>    the domain. Unfortunately registries/registrars in general 
>    do not recognize operators of name-servers they make
>    delegations to and do not offer any process whereby said
>    operators can have unwanted delegations removed, e.g. APNIC
>      "we merely operate a database, the content is not our
>       responsibility"

	Well registries do put delegations "On Hold".  Usually this
	is for spaming or some other illegal purpose.

	There is no reason why they can't pull delegations.
	I suspect one or two court cases will set a precedent.

	Now the question is who should you be suing?  I would sue
	the domain registant to remove the delegation to your
	servers.  If they fail to act on a simple "Cease and Desist"
	request.  If they fail act on the "Cease and Desist" I suspect
	that they will fail to turn up in court and the court will
	issue a directive to have the delegation removed.

	The registry should listen to a court order.

	The registry will most probably also need to be informed
	of the case as they will be a interested party.

> cheers,
> Danny Thomas
> -- 
>    d.thomas at    Danny Thomas,                                  
>           +61-7-3365-8221    Software Infrastructure,
>    ITS, The University of Queensland
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at

More information about the bind-users mailing list