<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto">Well, I already told you what’s wrong and you ignored that part. Please read it again and understand what it means to delegate a part of the zone. Your problems are not specific to BIND 9, it’s just your zone file is wrong.<br><br>Ondrej<br><div dir="ltr"><div>--</div>Ondřej Surý — ISC</div><div dir="ltr"><br><blockquote type="cite">On 10 Dec 2019, at 17:43, Edouard Guigné via bind-users <bind-users@lists.isc.org> wrote:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<p>Hello,</p>
<p>What is wrong with my file zone ?<br>
Why espcially for _dmarc IN TXT <br>
I cannot get the ANSWER SECTION with a dig command ?</p>
<p>Best Regards,<br>
</p>
<div class="moz-forward-container">Ed<br>
<br>
-------- Message transféré --------
<table class="moz-email-headers-table" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Sujet :
</th>
<td>Re: How to set up a dmarc record ?</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date : </th>
<td>Tue, 10 Dec 2019 11:51:47 -0300</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">De : </th>
<td>Edouard Guigné via bind-users
<a class="moz-txt-link-rfc2396E" href="mailto:bind-users@lists.isc.org"><bind-users@lists.isc.org></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Répondre
à : </th>
<td>Edouard Guigné <a class="moz-txt-link-rfc2396E" href="mailto:eguigne@pasteur-cayenne.fr"><eguigne@pasteur-cayenne.fr></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Pour : </th>
<td><a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org">bind-users@lists.isc.org</a> >> bind-users
<a class="moz-txt-link-rfc2396E" href="mailto:bind-users@lists.isc.org"><bind-users@lists.isc.org></a></td>
</tr>
</tbody>
</table>
<br>
<br>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<p>Hello,</p>
<p>I changed to "_dmarc" instead of "_dmarc.pasteur-cayenne.fr"<br>
<font size="-2">_dmarc IN TXT ( "v=DMARC1; p=none; "<br>
"rua=<a class="moz-txt-link-freetext" href="mailto:dmarc@pasteur-cayenne.fr" moz-do-not-send="true">mailto:dmarc@pasteur-cayenne.fr</a>;
pct=5; "<br>
"sp=none; aspf=r" )</font></p>
<p>My zone file is updated :<br>
<font size="-2"># named-checkzone pasteur-cayenne.fr
/var/named/external/db.pasteur-cayenne.fr<br>
zone pasteur-cayenne.fr/IN: loaded serial 2019120810<br>
OK</font></p>
<p>But It still does not give the dmarc ANSWER SECTION expected :<br>
<font size="-2"># dig IN txt _dmarc.pasteur-cayenne.fr.
@ara.pasteur-cayenne.fr.<br>
<br>
; <<>> DiG 9.11.4-P2-RedHat-9.11.4-9.P2.el7
<<>> IN txt _dmarc.pasteur-cayenne.fr.
@ara.pasteur-cayenne.fr.<br>
;; global options: +cmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR,
id: 4753<br>
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1,
ADDITIONAL: 2<br>
;; WARNING: recursion requested but not available<br>
<br>
;; OPT PSEUDOSECTION:<br>
; EDNS: version: 0, flags:; udp: 4096<br>
;; QUESTION SECTION:<br>
;_dmarc.pasteur-cayenne.fr. IN TXT<br>
<br>
;; AUTHORITY SECTION:<br>
_dmarc.pasteur-cayenne.fr. 3600 IN NS
ara.pasteur-cayenne.fr.<br>
<br>
;; ADDITIONAL SECTION:<br>
ara.pasteur-cayenne.fr. 3600 IN A 186.2.246.17<br>
<br>
;; Query time: 0 msec<br>
;; SERVER: 186.2.246.17#53(186.2.246.17)<br>
;; WHEN: mar. déc. 10 11:42:21 -03 2019<br>
;; MSG SIZE rcvd: 88</font></p>
<p><br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">Le 10/12/2019 à 10:46, Ondřej Surý a
écrit :<br>
</div>
<blockquote type="cite" cite="mid:F72F13DD-32B2-4A7D-AA6A-43B31F3555F9@isc.org">
<pre class="moz-quote-pre" wrap="">Also the record on the next line looks suspicious:
IN NS ara.pasteur-cayenne.fr.</pre>
</blockquote>
<p>I am very sorry because I am not very used with bind.<br>
</p>
<p>"ara" is the primary DNS for internet.</p>
<p>Is this line redundant with the line before ?<br>
NS ara.pasteur-cayenne.fr.</p>
<p><br>
</p>
<blockquote type="cite" cite="mid:F72F13DD-32B2-4A7D-AA6A-43B31F3555F9@isc.org">
<pre class="moz-quote-pre" wrap="">As you delegated the whole subdomain to ara.p-c.fr again:
$ dig IN TXT _dmarc.pasteur-cayenne.fr.pasteur-cayenne.fr. @ara.pasteur-cayenne.fr.
; <<>> DiG 9.11.8 <<>> IN TXT _dmarc.pasteur-cayenne.fr.pasteur-cayenne.fr. @ara.pasteur-cayenne.fr.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52693
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 2
;; WARNING: recursion requested but not available
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 35c43e4d3150d78270cae65e5defa16cbf8158df5e59c89c (good)
;; QUESTION SECTION:
;_dmarc.pasteur-cayenne.fr.pasteur-cayenne.fr. IN TXT
;; AUTHORITY SECTION:
_dmarc.pasteur-cayenne.fr.pasteur-cayenne.fr. 3600 IN NS ara.pasteur-cayenne.fr.
;; ADDITIONAL SECTION:
ara.pasteur-cayenne.fr. 3600 IN A 186.2.246.17
;; Query time: 192 msec
;; SERVER: 186.2.246.17#53(186.2.246.17)
;; WHEN: Tue Dec 10 14:45:16 CET 2019
;; MSG SIZE rcvd: 135
I don’t think it was an intent.
Ondrej
--
Ondřej Surý
<a class="moz-txt-link-abbreviated" href="mailto:ondrej@isc.org" moz-do-not-send="true">ondrej@isc.org</a>
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">On 10 Dec 2019, at 14:37, Niall O'Reilly <a class="moz-txt-link-rfc2396E" href="mailto:niall.oreilly@ucd.ie" moz-do-not-send="true"><niall.oreilly@ucd.ie></a> wrote:
On 10 Dec 2019, at 13:30, Edouard Guigné wrote:
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">; DMARC
_dmarc.pasteur-cayenne.fr IN TXT ( "v=DMARC1; p=none; "
"rua=[<a class="moz-txt-link-freetext" href="mailto:dmarc@pasteur-cayenne.fr" moz-do-not-send="true">mailto:dmarc@pasteur-cayenne.fr</a>](<a class="moz-txt-link-rfc2396E" href="mailto:dmarc@pasteur-cayenne.fr" moz-do-not-send="true"><mailto:dmarc@pasteur-cayenne.fr></a>); pct=5; "
"sp=none; aspf=r" )
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">Instead of "_dmarc.pasteur-cayenne.fr", you should put "_dmarc",
leaving out ".pasteur-cayenne.fr", just as you did for the DKIM
record.
Niall O'Reilly
_______________________________________________
Please visit <a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users" moz-do-not-send="true">https://lists.isc.org/mailman/listinfo/bind-users</a> to unsubscribe from this list
bind-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:bind-users@lists.isc.org" moz-do-not-send="true">bind-users@lists.isc.org</a>
<a class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/bind-users" moz-do-not-send="true">https://lists.isc.org/mailman/listinfo/bind-users</a>
</pre>
</blockquote>
</blockquote>
</div>
<span>_______________________________________________</span><br><span>Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list</span><br><span></span><br><span>bind-users mailing list</span><br><span>bind-users@lists.isc.org</span><br><span>https://lists.isc.org/mailman/listinfo/bind-users</span><br></div></blockquote></body></html>