query (cache) 'coriander.plus.com/A/IN' denied
Barry Margolin
barmar at alum.mit.edu
Sat Mar 21 15:26:50 UTC 2009
In article <gq155c$1n3g$1 at sf1.isc.org>,
Ronan Flood <usenet at umbral.org.uk> wrote:
> Barry Margolin <barmar at alum.mit.edu> wrote:
>
> > This suggests one of the following problems:
> >
> > 1. 95.102.17.107 is pointing to your nameserver in its resolver
> > configuration, but your server doesn't allow them to use you as a
> > resolver (the IP isn't in your allow-recursion and allow-query-cache
> > ACL).
> >
> > 2. The plus.com zone is delegated to your server, but you're not
> > properly configured to serve it.
>
> 3. Incorrect behaviour by the resolver behind 95.102.17.107.
>
> I admin an authoritative nameserver which hosts domains with MX records
> outside the zones: commercial spam/virus-filtering companies providing
> the MXs for their mail customers which are our DNS-hosting customers.
> I regularly see queries for the MX records of the hosted domains being
> immediately followed by queries for the A records for their out-of-zone
> MX servers. I infer confusion within the resolvers about which
> nameservers to query.
Could it be the built-in resolver in spamming software?
The OP sent me a private email with a bunch of these lines, with
different IPs. They were from Russia, Italy, and Ukraine.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
More information about the bind-users
mailing list