Determining case of REFUSED queries
J Doe
general at nativemethods.com
Thu Oct 3 21:31:56 UTC 2024
On 2024-09-19 19:17, Mark Andrews wrote:
> I think the reason for the REFUSED is pretty obvious
>
> % dig +norec google._domainkey.socialinnovation.ca @173.245.59.231 txt
>
> ; <<>> DiG 9.21.0-dev <<>> +norec google._domainkey.socialinnovation.ca @173.245.59.231 txt
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 10815
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ; EDE: 20 (Not Authoritative)
> ;; QUESTION SECTION:
> ;google._domainkey.socialinnovation.ca. IN TXT
>
> ;; Query time: 14 msec
> ;; SERVER: 173.245.59.231#53(173.245.59.231) (UDP)
> ;; WHEN: Fri Sep 20 09:03:48 AEST 2024
> ;; MSG SIZE rcvd: 72
>
> %
>
> Now you just need to work out why you where asking 173.245.59.231
> rather than the actual nameservers for socialinnovation.ca.
>
> socialinnovation.ca. 86400 IN NS dns.rebel.ca.
> socialinnovation.ca. 86400 IN NS dns2.rebel.ca.
> dns2.rebel.ca. 86400 IN A 52.10.144.165
> dns.rebel.ca. 86400 IN A 52.3.166.104
Hi Mark,
Interesting!
The only thing I can think of that may be causing this issue is that
this e-mail server makes use of SpamAssassin 4.0.0, which would be doing
lookups for DKIM, DMARC.
Has anyone noticed anything similar ? It only seems to happen with the
socialinnovation.ca domain.
Thanks,
- J
More information about the bind-users
mailing list