sjcarr at gmail.com
Tue Jul 26 09:02:35 UTC 2016
On 26 July 2016 at 09:53, Tony Finch <dot at dotat.at> wrote:
> Ejaz <mejaz at cyberia.net.sa> wrote:
>> I am not using iptable firewall from my redhat Linux box, all traffic
>> manged by network team..
You might want to check whether the requests are legitimate before
completely blocking them, rate limiting would be a better option.
$ dig +noall +answer -x 18.104.22.168
22.214.171.124.in-addr.arpa. 3531 IN PTR mail1.alireza.com.sa.
That IP address looks like it belongs to a mail server, and the
alireza.com.sa zone is authoritative on your company's name servers,
so it could be they have simply misconfigured their mailserver.
$ dig +noall +answer alireza.com.sa NS
alireza.com.sa. 3468 IN NS ns2.cyberia.net.sa.
alireza.com.sa. 3468 IN NS ns1.cyberia.net.sa.
More information about the bind-users