peak Posted September 13, 2004 Share Posted September 13, 2004 NXDOMAIN answers from bl.spamcop.net's nameservers include spamcop.net SOA in their authority sections. Here is an example: $ dig 126.96.36.199.bl.spamcop.net txt [at]188.8.131.52 +norec +multiline ; <<>> DiG 9.2.1 <<>> 184.108.40.206.bl.spamcop.net txt [at]220.127.116.11 +norec +multiline ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 7423 ;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;18.104.22.168.bl.spamcop.net. IN TXT ;; AUTHORITY SECTION: spamcop.net. 0 IN SOA bl.spamcop.net. hostmaster.admin.spamcop.net. ( 1095065330 ; serial 3600 ; refresh (1 hour) 1800 ; retry (30 minutes) 3600 ; expire (1 hour) 0 ; minimum (0 seconds) ) ;; Query time: 180 msec ;; SERVER: 22.214.171.124#53(126.96.36.199) ;; WHEN: Mon Sep 13 10:50:54 2004 ;; MSG SIZE rcvd: 103 This is WRONG. bl's nameservers are not authoritative for spamcop.net. This misbehaviour makes my BIND very unhappy and it generates tons of (slightly misleading) error messages reading "bad referral (spamcop.net !< bl.spamcop.NET) from [X.Y.Z.W].53". Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.