[46983] in North American Network Operators' Group
Re: is your host or dhcp server sending dns dynamic updates
daemon@ATHENA.MIT.EDU (Simon Higgs)
Sat Apr 20 01:15:25 2002
Message-Id: <5.1.0.14.2.20020419220232.01bdfa10@oak.higgs.net>
Date: Fri, 19 Apr 2002 22:14:37 -0700
To: nanog@merit.edu
From: Simon Higgs <simon@higgs.com>
In-Reply-To: <20020419184145.C5496@ehlke.net>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Errors-To: owner-nanog-outgoing@merit.edu
At 06:41 PM 4/19/2002 -0700, Pete Ehlke wrote:
>On Fri, Apr 19, 2002 at 06:32:58PM -0700, Simon Higgs wrote:
> >
> > SOAs with bogus.domain.names pointing to 127.0.0.1 appear to be causing
> > email to bounce (amongst other things).
>
>Ermm... Do you have any actual evidence for this assertion?
Not yet. But the common thread to this is that every domain that vanishes
(and causes email to bounce) has got a bogus MNAME entry (i.e. MNAME is
unroutable). This isn't a root specific problem as legacy root users have
reported this problem alongside ORSC users. The bogus MNAME may be a red
herring, but it's what we're looking at as a possible common cause.
>An mta that
>examines MNAME is horribly, horribly broken. I can't imagine anything
>but the worst sort of spamware actually doing this.
Yes, but given that all software is broken by nature, and that there is a
filing cabinet full of CERT advisories, why would you be surprised at
either SendMail or BIND being the culprit under certain circumstances?
Maybe even for a totally different reason.
Best Regards,
Simon
--
###
