How not to set up your DNS (part 17)
Here is an interesting one that caused me to go digging into the moderate depths of DNS arcana:
; sdig ns just-dust.com dns1.name-services.com. dns2.name-services.com. dns3.name-services.com. dns4.name-services.com. dns5.name-services.com. ; dig mx servidor134.just-dust.com [...] ;; [...] status: SERVFAIL, [...]
This isn't for any simple reason, such as the servers refusing to answer
us or not being authoritative or whatnot. Instead, they have managed to
get the 'no such record' reply wrong; instead
of returning a SOA record for just-dust.com, they return what looks like
a lame delegation response (pointing at themselves), except that it has
the aa
bit set.
What may be going on is that name-services.com seems to be running a very peculiar nameserver that has the moral equivalent of a wildcard CNAME record for just-dust.com, but only for A record queries; if you ask directly for a CNAME for foo.bar.just-dust.com, you get a normal 'no such data' reply, but if you ask for the A record for that you get back a reply with a CNAME plus an A record. Presumably as a result of this, almost all queries for MX records of names inside the just-dust.com zone get these lame delegation replies.
(Not all MX queries; just-dust.com MXes to mail.just-dust.com, and name-services.com will return an MX record for that.)
|
|