BIND sending quesries to

Roland Dirlewanger Roland.Dirlewanger at
Thu Mar 1 08:15:03 UTC 2007

Wiley Sanders wrote:

>We have some Solaris and Fedora hosts set up as BIND "Applicances" for
>customers to use (abuse :-) ) as destinations for their resolvers and
>forwarders. We're seeing a few hosts sending out DNS queries to
>, all asking for lookups at
> ->    DNS C
>Internet Addr ?
> ->    DNS C
> Internet Addr ?
> ->    DNS C
>Internet Addr ?
> ->    DNS C
> Internet Addr ?
> ->    DNS C
> Internet Addr ?
You should have a look on the configuration of your SMTP server, or any 
SMTP server that uses your DNS for resolving addresses. One of these 
SMTP servers is probably still configured to use the Open Relay Database 
( : on each incoming connection from a client with IP address 
a.b.c.d, your mail server tries to resolve 
Depending on the result, the SMTP server may qualify a.b.c.d as an open 
SMTP relay and reject the incoming mail.

The problem is that stopped its services on jan 1st, 2007. In 
the beginning of january, the NS RR in were replaced by 
"IN NS". This explains why requests are sent out using this 

The fix is simply to remove the use of ORDB in the configuration of your 
SMTP connexion.  For Postfix, you can do that by removing 
"reject_rbl_client" from  the "smtpd_client_restrictions".


Roland Dirlewanger <Roland.Dirlewanger at>
CNRS - Delegation Aquitaine-Limousin
Esplanade des Arts et Metiers

Tel :, Fax :

More information about the bind-users mailing list