strange dnssec question
Edwardo Garcia
wdgarc88 at gmail.com
Tue Aug 17 13:46:45 UTC 2021
Hola
We have dnssec working for long time but need now to have a subdomain
excluded, we are going to be use it to replace an internal blacklist, we
have 14 smtp servers and it is cumbersome to keep in sync.
So we have example.net signed,
but we want black.example.net, and of course all addresses under, eg:
4.3.2.1.black.example.net to work, at present of course this presents
SERVFAIL because dnssec, obvious "black" needs to be in example.net zone,
nd its dns is ns999 whichwork when dnssec disabled but this is not optimum
looking for suggestion or guidance to how we fix this please? Ir this is
not possible?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20210817/5034d9d3/attachment.htm>
More information about the bind-users
mailing list