Logging
Timothe Litt
litt at acm.org
Tue Jan 8 13:58:22 UTC 2013
> You might as well solve world poverty and cure cancer while you're at it. :-)
Maybe tomorrow.
> How do you notify someone -- good luck getting valid contact data for the domain holder
As I suggested - if we put data into a database/trouble list, shame
should work. Or their customers will find it and complain. And in
that scenario, the database has to be accessible - not the faulty
server/domain.
If we log back to their servers (IP address is known, since we traced
the delegation and got a lame reply), there some chance it will be seen.
> hat their DNS is bust if you can't get to their web site or send them email?
I didn't say it was perfect. But these days, the admin e-mail is as
often as not in another domain - I recommend this. And in theory there
are supposed to be phone/fax/even snail-mail contact info in Whois -
though that is controversial these days. And, frequently the issue is
that one nameserver is lame, but another is not. So the admin thinks
her domain is up, and clients just get slow/broken responses a fraction
of the time. So e-mail may go thru.
In any case, *attempting* to record the data where it might be acted
upon seems like it would be a step up from the current situation.
Today, the lame server logging delivers data to the source about 0% of
the time. If my suggestion increases that to any non-zero number, it
would be an improvement.
Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.
On 08-Jan-13 08:44, Jim Reid wrote:
> On 8 Jan 2013, at 13:19, Timothe Litt <litt at acm.org> wrote:
>
>> What I think would be more useful is if named actually reported the issues to where they'd do some good.
> You might as well solve world poverty and cure cancer while you're at it. :-)
>
> I think you may well have not thought this out. How do you notify someone -- good luck getting valid contact data for the domain holder -- that their DNS is bust if you can't get to their web site or send them email?
>
> FYI, I had to contact all ICANN-accredited registrars last year. Around 15% of the email addresses they'd supplied to ICANN when they got accredited didn't work. A few of those registrars had no working email servers or DNS server at all. If that's what happens with people who are supposedly DNS-clueful, imagine what it must be like for the general public.
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5159 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130108/f4f30b0e/attachment.bin>
More information about the bind-users
mailing list