Logging

Timothe Litt litt at acm.org
Tue Jan 8 13:58:22 UTC 2013


> You might as well solve world poverty and cure cancer while you're at it. :-)
Maybe tomorrow.
> How do you notify someone -- good luck getting valid contact data for the domain holder
As I suggested - if we put data into a database/trouble list, shame 
should work.  Or their customers will find it and complain.   And in 
that scenario, the database has to be accessible - not the faulty 
server/domain.

  If we log back to their servers (IP address is known, since we traced 
the delegation and  got a lame reply), there some chance it will be seen.
> hat their DNS is bust if you can't get to their web site or send them email?
I didn't say it was perfect.  But these days, the admin e-mail is as 
often as not in another domain - I recommend this.  And in theory there 
are supposed to be phone/fax/even snail-mail contact info in Whois - 
though that is controversial these days.  And, frequently the issue is 
that one nameserver is lame, but another is not.  So the admin thinks 
her domain is up, and clients just get slow/broken responses a fraction 
of the time.  So e-mail may go thru.

In any case, *attempting* to record the data where it might be acted 
upon seems like it would be a step up from the current situation.  
Today, the lame server logging delivers data to the source about 0% of 
the time.   If my suggestion increases that to any non-zero number, it 
would be an improvement.

Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

On 08-Jan-13 08:44, Jim Reid wrote:
> On 8 Jan 2013, at 13:19, Timothe Litt <litt at acm.org> wrote:
>
>> What I think would be more useful is if named actually reported the issues to where they'd do some good.
> You might as well solve world poverty and cure cancer while you're at it. :-)
>
> I think you may well have not thought this out. How do you notify someone -- good luck getting valid contact data for the domain holder -- that their DNS is bust if you can't get to their web site or send them email?
>
> FYI, I had to contact all ICANN-accredited registrars last year. Around 15% of the email addresses they'd supplied to ICANN when they got accredited didn't work. A few of those registrars had no working email servers or DNS server at all. If that's what happens with people who are supposedly DNS-clueful, imagine what it must be like for the general public.
>
>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5159 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20130108/f4f30b0e/attachment.bin>


More information about the bind-users mailing list