Dealing with "unexpected RCODE (SERVFAIL)"

Mark Andrews marka at isc.org
Tue Mar 16 12:43:19 UTC 2010


In message <20100316090709.GC7223 at fantomas.sk>, Matus UHLAR - fantomas writes:
> On 16.03.10 09:45, Ruben Laban wrote:
> > In my logs I see numerous line like these:
> > 
> > Mar 16 04:59:13 mx02 named[4606]: unexpected RCODE (SERVFAIL) 
> > resolving 'hotmeil.com/MX/IN': 10.2.1.3#53
> > Mar 16 04:59:14 mx02 named[4606]: unexpected RCODE (SERVFAIL) 
> > resolving 'hotmeil.com/MX/IN': 10.0.1.3#53
> > Mar 16 04:59:15 mx02 named[4606]: unexpected RCODE (SERVFAIL) 
> > resolving 'hotmeil.com/MX/IN': 10.1.1.3#53
> > 
> > The hostname that's being tried to resolve obviously has a typo in it, user
> s 
> > tend to make such mistakes a lot.
> > 
> > In our case mx02 runs it own caching nameserver, which uses our internal 
> > caching nameservers (10,[012].1.3) as forwarders.
> > 
> > Is there something I can change in the configuration of either (or both) mx
> 02 
> > or 10.[012].1.3 to prevent "the unexpected"?
> 
> the microsoft's nameservers are providing only A and TXT records for
> hotmeil.com. They return ". IN SOA (NOERROR)" for other questions.
> This is apparently invalid and causes the SERVFAIL.
> 
> seems it's time to blame microsoft.

And the lack of a way to register a name in COM without creating a
delegation.  And the lack of a way to say this domain name is not
a valid email domain.

The best thing would be for hotmeil.com to always return NXDOMAIN
and people would correct their spelling errors.  Unfortunately there
is not way to register hotmeil.com without creating a delegation
and you could you have these ISP's that hijack NXDOMAIN and rewrite
it so you get a A record instead of NXDOMAIN.

So Microsoft have to supply a A record but they don't want it to
be used for email so they need to break the MX lookup so MTA's soft
fail and eventually (days later) return the email to the sender.

Mark

> > Is it safe to ignore these error completely (either in our filters or in 
> > bind's configuration)? I'm a bit hesitant to do so, since I got the feeling
>  
> > that I might miss out on actual problems occuring (other than users not bei
> ng 
> > able to spell).
> 
> you can ignore it or set up own empty version of hotemil.com. Or, fill bug
> in their reporting system.
> 
> -- 
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> I intend to live forever - so far so good. 
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org



More information about the bind-users mailing list