<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>173.245.59.231 is a cloudflare name server.</p>
<p>I get this:<br>
</p>
<p><span style="font-family:monospace"><span
style="color:#000000;background-color:#ffffff;">dig ns
socialinnovation.ca
</span><br>
<br>
; <<>> DiG 9.16.50-Debian <<>> ns
socialinnovation.ca
<br>
;; global options: +cmd
<br>
;; Got answer:
<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
29081
<br>
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0,
ADDITIONAL: 9
<br>
<br>
;; OPT PSEUDOSECTION:
<br>
; EDNS: version: 0, flags:; udp: 1232
<br>
; COOKIE: bc6332beb03bea8e0100000066ff17e01aa70cbb6939d99f
(good)
<br>
;; QUESTION SECTION:
<br>
;socialinnovation.ca. IN NS
<br>
<br>
;; ANSWER SECTION:
<br>
socialinnovation.ca. 3600 IN NS dns.rebel.ca.
<br>
socialinnovation.ca. 3600 IN NS
sean.ns.cloudflare.com.
<br>
socialinnovation.ca. 3600 IN NS
kami.ns.cloudflare.com.
<br>
socialinnovation.ca. 3600 IN NS dns2.rebel.ca.
<br>
<br>
;; ADDITIONAL SECTION:
<br>
dns.rebel.ca. 86400 IN A 52.3.166.104
<br>
dns2.rebel.ca. 86400 IN A 52.10.144.165
<br>
sean.ns.cloudflare.com. 54981 IN A 108.162.193.231
<br>
sean.ns.cloudflare.com. 54981 IN A 172.64.33.231
<br>
sean.ns.cloudflare.com. 54981 IN A 173.245.59.231
<br>
sean.ns.cloudflare.com. 54981 IN AAAA
2606:4700:58::adf5:3be7
<br>
sean.ns.cloudflare.com. 54981 IN AAAA
2803:f800:50::6ca2:c1e7
<br>
sean.ns.cloudflare.com. 54981 IN AAAA
2a06:98c1:50::ac40:21e7
<br>
<br>
;; Query time: 156 msec
<br>
;; SERVER: 192.168.250.1#53(192.168.250.1)
<br>
;; WHEN: Thu Oct 03 17:17:04 CDT 2024
<br>
;; MSG SIZE rcvd: 340<br>
</span></p>
<p><span style="font-family:monospace">But a whois query for this
domain only lists dns.rebel.ca and dns2.rebel.ca for name
servers.</span></p>
<p><span style="font-family:monospace">Wonder if the cloudflare
server are not getting a good axfr from the rebel.ca servers or
something else is wrong.</span></p>
<p><span style="font-family:monospace">Lyle Giese<br>
</span></p>
<p><span style="font-family:monospace"><br>
</span></p>
<div class="moz-cite-prefix">On 10/3/24 16:31, J Doe wrote:<br>
</div>
<blockquote type="cite"
cite="mid:c8c015f0-d757-407a-9c47-3e273228272a@nativemethods.com">On
2024-09-19 19:17, Mark Andrews wrote:
<br>
<blockquote type="cite">I think the reason for the REFUSED is
pretty obvious
<br>
<br>
% dig +norec google._domainkey.socialinnovation.ca
@173.245.59.231 txt
<br>
<br>
; <<>> DiG 9.21.0-dev <<>> +norec
google._domainkey.socialinnovation.ca @173.245.59.231 txt
<br>
;; global options: +cmd
<br>
;; Got answer:
<br>
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id:
10815
<br>
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
<br>
<br>
;; OPT PSEUDOSECTION:
<br>
; EDNS: version: 0, flags:; udp: 512
<br>
; EDE: 20 (Not Authoritative)
<br>
;; QUESTION SECTION:
<br>
;google._domainkey.socialinnovation.ca. IN TXT
<br>
<br>
;; Query time: 14 msec
<br>
;; SERVER: 173.245.59.231#53(173.245.59.231) (UDP)
<br>
;; WHEN: Fri Sep 20 09:03:48 AEST 2024
<br>
;; MSG SIZE rcvd: 72
<br>
<br>
%
<br>
<br>
Now you just need to work out why you where asking
173.245.59.231
<br>
rather than the actual nameservers for socialinnovation.ca.
<br>
<br>
socialinnovation.ca. 86400 IN NS dns.rebel.ca.
<br>
socialinnovation.ca. 86400 IN NS dns2.rebel.ca.
<br>
dns2.rebel.ca. 86400 IN A 52.10.144.165
<br>
dns.rebel.ca. 86400 IN A 52.3.166.104
<br>
</blockquote>
<br>
<br>
Hi Mark,
<br>
<br>
Interesting!
<br>
<br>
The only thing I can think of that may be causing this issue is
that
<br>
this e-mail server makes use of SpamAssassin 4.0.0, which would be
doing
<br>
lookups for DKIM, DMARC.
<br>
<br>
Has anyone noticed anything similar ? It only seems to happen
with the
<br>
socialinnovation.ca domain.
<br>
<br>
Thanks,
<br>
<br>
- J
<br>
<br>
<br>
</blockquote>
</body>
</html>