Matthäus Wander matthaeus.wander at
Tue Jul 23 00:34:53 UTC 2013


Grace Ingabire writes:
> Does anyone know what is going on here? As I can't understand why we do
> receive a lot of these messages in our logs.
> Jul 22 14:18:21 ns1 named[13045]: client query
> (cache) '' denied
> [...]

I'm the zone owner of What you're seeing there are
queries by open resolvers (more accurately: forwarders of open resolvers).

This is part of a research project to measure the effect of the DNS
injection censorship method. is a name being blocked by
by the Great Firewall of China via DNS injection. By querying for we can test whether the open resolver has a
clean, uncensored path to your TLD nameservers.

I'll add the addresses of .rw to our blacklist, so you won't be seeing
any more of these queries. Sorry for inconvenience.

Let me know if you have further questions.

Matthäus Wander

Universität Duisburg-Essen
Verteilte Systeme
Bismarckstr. 90 / BC 316
47057 Duisburg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5156 bytes
Desc: S/MIME Cryptographic Signature
URL: <>

More information about the bind-users mailing list