Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-30 Thread SM Admin
Hi Sandy,

I forwarded your last reply to Comcast but haven't heard from anyone there 
since that last message where the tech says he can't help me any further.

At this point, I'd sure like to fight with them some more just because of the 
obnoxious replies by Mr. Jones, but I'm not sure it's worth the time.  What 
I've notice is that while I continue to get a trickle of messages showing up at 
the old mail server, since last weekend they've only been spam.  I'm not sure 
how, but it seems that some spammers are still latched on to the wrong (out of 
date) DNS information.  Strange, huh?

Thanks again for all your help and the same for Shaun.

Ben
  - Original Message -
  From: Sanford Whiteman
  To: Declude.JunkMail@declude.com
  Sent: Wednesday, November 28, 2012 7:24 PM
  Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS 
stuff


  Ben,

  Thanks for running your questions by me. Feel free to forward this
  message to your Comcast rep. Even if he is unwilling to help you
  further, there is information below that will help him be more
  accurate in future cases, since he currently lacks sufficient
  understanding of DNS.

  Mr. Jones is seemingly unaware of the difference between a delegated
  subdomain and a hostname. This gap in understanding does call the
  other conclusions into question, and I would not consider his to be an
  expert-level response. NOTE: I don't know if Comcast is or is not
  ultimately at fault for your mail delivery problems, but I would
  advise you to look for more expert testimony.

  It's perfectly normal for a hostname to be both the label and the
  value of an MX record (i.e. to be its own MX). In fact, the
  RFC-specified behavior of SMTP is to connect to the hostname to
  deliver mail to user@hostname in the absence of an MX record. All you
  are doing by adding hostname IN MX hostname is specifying that
  which would already be assumed (and also taking advantage of the MX
  algorithm).

  So normal is this configuration that I was able to quickly dig these
  examples from large, reputable domains:

  mail.beta.army.mil IN MX 10 mail.beta.army.mil
  ajax1.rutgers.edu IN MX 10 ajax1.rutgers.edu
  web.mail.vt.edu IN MX 0 web.mail.vt.edu
  webmail.uic.edu IN MX 0 webmail.uic.edu
  mail.messaging.microsoft.com IN MX 10 mail.messaging.microsoft.com
  webmail.villanova.edu IN MX 0 webmail.villanova.edu
  smtp01in.umuc.edu IN MX 0 smtp01in.umuc.edu
  mta4.wiscmail.wisc.edu IN MX 0 mta4.wiscmail.wisc.edu
  mail.dotster.com IN MX 0 mail.dotster.com

  Good luck with your continued troubleshooting!

  -- Sandy



  ---
  This E-mail came from the Declude.JunkMail mailing list.  To
  unsubscribe, just send an E-mail to imail...@declude.com, and
  type unsubscribe Declude.JunkMail.  The archives can be found
  at http://www.mail-archive.com.



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.


Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-30 Thread Darin Cox
Hi Ben,

Spam only to a server that no longer has MX records pointing to it isn’t
really a surprise.  Spammers have been known to cache MX records and
continue to spam them long after an MX record is changed.

The rationale behind that may be to bypass spam filtering gateways that have
placed in front of a mail server.

Darin.



From: SM Admin
Sent: Friday, November 30, 2012 7:52 PM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS
stuff

Hi Sandy,

I forwarded your last reply to Comcast but haven't heard from anyone there
since that last message where the tech says he can't help me any further.

At this point, I'd sure like to fight with them some more just because of
the obnoxious replies by Mr. Jones, but I'm not sure it's worth the time.
What I've notice is that while I continue to get a trickle of messages
showing up at the old mail server, since last weekend they've only been
spam.  I'm not sure how, but it seems that some spammers are still latched
on to the wrong (out of date) DNS information.  Strange, huh?

Thanks again for all your help and the same for Shaun.

Ben
  - Original Message -
  From: Sanford Whiteman
  To: Declude.JunkMail@declude.com
  Sent: Wednesday, November 28, 2012 7:24 PM
  Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS
stuff

  Ben,

  Thanks for running your questions by me. Feel free to forward this
  message to your Comcast rep. Even if he is unwilling to help you
  further, there is information below that will help him be more
  accurate in future cases, since he currently lacks sufficient
  understanding of DNS.

  Mr. Jones is seemingly unaware of the difference between a delegated
  subdomain and a hostname. This gap in understanding does call the
  other conclusions into question, and I would not consider his to be an
  expert-level response. NOTE: I don't know if Comcast is or is not
  ultimately at fault for your mail delivery problems, but I would
  advise you to look for more expert testimony.

  It's perfectly normal for a hostname to be both the label and the
  value of an MX record (i.e. to be its own MX). In fact, the
  RFC-specified behavior of SMTP is to connect to the hostname to
  deliver mail to user@hostname in the absence of an MX record. All you
  are doing by adding hostname IN MX hostname is specifying that
  which would already be assumed (and also taking advantage of the MX
  algorithm).

  So normal is this configuration that I was able to quickly dig these
  examples from large, reputable domains:

  mail.beta.army.mil IN MX 10 mail.beta.army.mil
  ajax1.rutgers.edu IN MX 10 ajax1.rutgers.edu
  web.mail.vt.edu IN MX 0 web.mail.vt.edu
  webmail.uic.edu IN MX 0 webmail.uic.edu
  mail.messaging.microsoft.com IN MX 10 mail.messaging.microsoft.com
  webmail.villanova.edu IN MX 0 webmail.villanova.edu
  smtp01in.umuc.edu IN MX 0 smtp01in.umuc.edu
  mta4.wiscmail.wisc.edu IN MX 0 mta4.wiscmail.wisc.edu
  mail.dotster.com IN MX 0 mail.dotster.com

  Good luck with your continued troubleshooting!

  -- Sandy



  ---
  This E-mail came from the Declude.JunkMail mailing list.  To
  unsubscribe, just send an E-mail to imail...@declude.com, and
  type unsubscribe Declude.JunkMail.  The archives can be found
  at http://www.mail-archive.com.



--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe,
just send an E-mail to imail...@declude.com, and type unsubscribe
Declude.JunkMail. The archives can be found at http://www.mail-archive.com.


---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.


Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-28 Thread SM Admin
Just for your amusement, here is my latest exchange with Comcast (read the
Comcast email first, then my response).

**
Dear Mr. Jones,

It does not surprise me that refuse to provide any further help.  Your
previous emails displayed a dismissive and confrontational attitude with a
lack of any real interest in finding an answer.  Your responses included
technical errors, contradictory statements, and failed to address some of my
key questions.  As near as I can tell, you are claiming that Comcast cannot
be responsible by simple proclamation.

Unfortunately, the evidence continues to indicate that Comcast is in same
way responsible.  The volume of erroneous emails has decreased, so perhaps
this was a temporary result of your recent change in DNS systems that is
slowly improving – one can only hope.  In the meanwhile, I would like a
referral to someone else at Comcast who has both technical knowledge and
some skill at customer relations.  Perhaps you or one of the others CC’d on
this email can provide that referral.

Sincerely,

Ben

From: Jones, Spencer
Sent: Wednesday, November 28, 2012 8:10 AM

As I stated before good luck. I can help you no more.

Spencer Jones
Engineer II Enterprise Technical Support
7150 S. Fulton St, Centennial, CO 80112





-Original Message-
From: Sanford Whiteman
Sent: Tuesday, November 27, 2012 6:09 PM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS
stuff

 Actually, you did catch something.  The section that starts with
 Authority.  In his email he says Answer ns0.xname.org which I
 take to mean that he is getting that authorotative response from
 nso0.xname.org and not ns1.xname.org as you assume below.

It means ns0.xname.org is part of the answer(s) to the question he
asked, i.e. the A record for ns0.xname.org.

Doesn't mean that is/is not the server queried.

-- S.



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.




---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.



Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-28 Thread SM Admin
I should add that the number of erroneous emails sent to the old mail server
has decreased.  From Thursday through Saturday it went down to zero and I
was hoping the problem had gone away.  Then it started up again on Sunday,
but at lower volume than before.  Interestingly, most of the emails now
received at the old server are spam.  In the last three days, I've only
received one email personally that was real mail and that went to the old
server.  By comparison, a week ago I had to check my account on the old
server every hour.

Ben

-Original Message-
From: Sanford Whiteman
Sent: Tuesday, November 27, 2012 6:09 PM
To: Declude.JunkMail@declude.com
Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS
stuff

 Actually, you did catch something.  The section that starts with
 Authority.  In his email he says Answer ns0.xname.org which I
 take to mean that he is getting that authorotative response from
 nso0.xname.org and not ns1.xname.org as you assume below.

It means ns0.xname.org is part of the answer(s) to the question he
asked, i.e. the A record for ns0.xname.org.

Doesn't mean that is/is not the server queried.

-- S.



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.




---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.



Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-28 Thread Sanford Whiteman
 I should add that the number of erroneous emails sent to the old mail server
 has decreased.  From Thursday through Saturday it went down to zero and I
 was hoping the problem had gone away.  Then it started up again on Sunday,
 but at lower volume than before.  Interestingly, most of the emails now
 received at the old server are spam.  In the last three days, I've only
 received one email personally that was real mail and that went to the old
 server.  By comparison, a week ago I had to check my account on the old
 server every hour.

B/c we don't know if you accidentally had very long TTL on that bad
nameserver (since the RR no longer exists at any of your authorities
and we can't wayback it), it could be that that was the underlying
problem.

Nevertheless, the bizarre thinking of the Comcast person did not help
matters.

-- S.




Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!
  http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!
  
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
  
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.



Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-28 Thread Sanford Whiteman
Ben,

Thanks for running your questions by me. Feel free to forward this
message to your Comcast rep. Even if he is unwilling to help you
further, there is information below that will help him be more
accurate in future cases, since he currently lacks sufficient
understanding of DNS.

Mr. Jones is seemingly unaware of the difference between a delegated
subdomain and a hostname. This gap in understanding does call the
other conclusions into question, and I would not consider his to be an
expert-level response. NOTE: I don't know if Comcast is or is not
ultimately at fault for your mail delivery problems, but I would
advise you to look for more expert testimony.

It's perfectly normal for a hostname to be both the label and the
value of an MX record (i.e. to be its own MX). In fact, the
RFC-specified behavior of SMTP is to connect to the hostname to
deliver mail to user@hostname in the absence of an MX record. All you
are doing by adding hostname IN MX hostname is specifying that
which would already be assumed (and also taking advantage of the MX
algorithm).

So normal is this configuration that I was able to quickly dig these
examples from large, reputable domains:

mail.beta.army.mil IN MX 10 mail.beta.army.mil
ajax1.rutgers.edu IN MX 10 ajax1.rutgers.edu
web.mail.vt.edu IN MX 0 web.mail.vt.edu
webmail.uic.edu IN MX 0 webmail.uic.edu
mail.messaging.microsoft.com IN MX 10 mail.messaging.microsoft.com
webmail.villanova.edu IN MX 0 webmail.villanova.edu
smtp01in.umuc.edu IN MX 0 smtp01in.umuc.edu
mta4.wiscmail.wisc.edu IN MX 0 mta4.wiscmail.wisc.edu
mail.dotster.com IN MX 0 mail.dotster.com

Good luck with your continued troubleshooting!

-- Sandy



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.



Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-27 Thread Sanford Whiteman
 In the end, he seems to be  saying that we have a name server
 giving wrong results, which would make sense, except I can't figure
 out which name servers he's referring to.  You'll see below where he
 says the NS0 name server points to NS1 and that will point to
 mail2.bcwebhost.net and your incorrect IP address, and I don't see
 that, do you?

No.

He's so far up his own... something... that he's decided upfront that
it cannot be his problem, so he is willfully misreading the actual
results.

Look at this, from his message:

 Authority:
xname.org.600   NS  ns2.xname.org.
xname.org.600   NS  ns3.xtremeweb.de.
xname.org.600   NS  ns0.xname.org.
xname.org.600   NS  ns1.xname.org.

He claims to be getting this information from ns1.xname.org. I'm sure
he is. The question is WHY he is querying ns1.xname.org, since it does
not appear in the parents at gtld-servers.net nor in any NS records
returned by your NSs.

I think you may have a chicken-egg situation where he is actually
using a broken server to check for brokenness!

Tell him this: at *..gtld-servers.net, your NSs are

NS-record for bcwebhost.net:
DNS server = bcw4.bcwebhost.net
TTL = 172800 (2 days)
NS-record for bcwebhost.net:
DNS server = ns1.twisted4life.com
TTL = 172800 (2 days)
NS-record for bcwebhost.net:
DNS server = ns0.xname.org
TTL = 172800 (2 days)
NS-record for bcwebhost.net:
DNS server = ns2.xname.org
TTL = 172800 (2 days)

*AND* querying each of those NSs directly, the same list of NSs
appears. Ask him if he differs with this. He can't.

So why would ns1.xname.org even be on his mind? Why would he be
hitting this server at all? Answer: he is not actually digging
directly into your servers, but trusting his own, broken server. Which
means he is not testing properly. What server is he using, anyway
(never mind non-Comcast tools)?

Now, I grant you, his server wouldn't be broken per se if you had
set, say, a 30-day TTL somewhere. That would be your fault. But we
don't see that, or at least we can't see it anywhere in his results.

 Do you see where in the stuff below it says that ns0 is getting its
 results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's
 195.234.42.1.

No, and I don't even know what it would mean to be getting its
results from ns1. ns0 is returning authoritative results. As you
said, he seems to be willfully making no sense: getting its results
from is useless nonsense. Which is weird because in certain ways he
seems to know what he's talking about.

 At any rate, unless ns0 is really linked to ns1 as this guy claims,
 then I don't see how ns1 is relevant.

It isn't relevant. It isn't in the picture. If it's in the picture for
him, he's not testing with working servers.

 This is a subdomain
 “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net
 subdomain should NOT have its own MX record.

 Answer:

mail.bcwebhost.net.  43200  A 173.164.65.200

 mail.bcwebhost.net. 43200  MX   0  
 mail.bcwebhost.net.

There is absolutely nothing wrong with this setup and I wish you could
make this Spencer Jones idiot publish this claim in a DNS-centric
place where he will be shamed (as opposed to a pretty dormant ML).
Someone like Len Conrad could hand him his

-- S.

---
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: sa...@cypressintegrated.com

SpamAssassin plugs into Declude!
  http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/

Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases!
  
http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/
  
http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.



Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-27 Thread SM Admin
Hi Sandy,

Actually, you did catch something.  The section that starts with Authority.  
In his email he says Answer ns0.xname.org which I take to mean that he is 
getting that authorotative response from nso0.xname.org and not ns1.xname.org 
as you assume below.  Which doesn't make sense to me because I just ran the 
DNSStuff tool against ns0.xname.org and came up with the correct results.

ns0.xname.org. [195.234.42.1] (124ms)


Response from ns0.xname.org. [195.234.42.1]


Results found: 8
  Domain Type Class TTL Response time Answer
  Answer section:
  bcwebhost.net. NS IN 43200 124ms ns1.twisted4life.com.
  bcwebhost.net. NS IN 43200 124ms ns2.xname.org.
  bcwebhost.net. NS IN 43200 124ms bcw4.bcwebhost.net.
  bcwebhost.net. NS IN 43200 124ms ns0.xname.org.
  Additional section:
  ns0.xname.org. A IN 600 124ms 195.234.42.1
  ns2.xname.org. A IN 600 124ms 88.191.64.64
  bcw4.bcwebhost.net. A IN 43200 124ms 173.164.65.197
  ns2.xname.org.  IN 600 124ms 2a01:e0b:1:64:240:63ff:fee8:6155



And those servers all report the correct NS records, as well as all the gtld 
servers report the correct results.  So how did he get bad results?

Thanks,

Ben

  - Original Message -
  From: Sanford Whiteman
  To: Declude.JunkMail@declude.com
  Sent: Tuesday, November 27, 2012 4:36 PM
  Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS 
stuff


   In the end, he seems to be  saying that we have a name server
   giving wrong results, which would make sense, except I can't figure
   out which name servers he's referring to.  You'll see below where he
   says the NS0 name server points to NS1 and that will point to
   mail2.bcwebhost.net and your incorrect IP address, and I don't see
   that, do you?

  No.

  He's so far up his own... something... that he's decided upfront that
  it cannot be his problem, so he is willfully misreading the actual
  results.

  Look at this, from his message:

   Authority:
  xname.org.600   NS  ns2.xname.org.
  xname.org.600   NS  ns3.xtremeweb.de.
  xname.org.600   NS  ns0.xname.org.
  xname.org.600   NS  ns1.xname.org.

  He claims to be getting this information from ns1.xname.org. I'm sure
  he is. The question is WHY he is querying ns1.xname.org, since it does
  not appear in the parents at gtld-servers.net nor in any NS records
  returned by your NSs.

  I think you may have a chicken-egg situation where he is actually
  using a broken server to check for brokenness!

  Tell him this: at *..gtld-servers.net, your NSs are

  NS-record for bcwebhost.net:
  DNS server = bcw4.bcwebhost.net
  TTL = 172800 (2 days)
  NS-record for bcwebhost.net:
  DNS server = ns1.twisted4life.com
  TTL = 172800 (2 days)
  NS-record for bcwebhost.net:
  DNS server = ns0.xname.org
  TTL = 172800 (2 days)
  NS-record for bcwebhost.net:
  DNS server = ns2.xname.org
  TTL = 172800 (2 days)

  *AND* querying each of those NSs directly, the same list of NSs
  appears. Ask him if he differs with this. He can't.

  So why would ns1.xname.org even be on his mind? Why would he be
  hitting this server at all? Answer: he is not actually digging
  directly into your servers, but trusting his own, broken server. Which
  means he is not testing properly. What server is he using, anyway
  (never mind non-Comcast tools)?

  Now, I grant you, his server wouldn't be broken per se if you had
  set, say, a 30-day TTL somewhere. That would be your fault. But we
  don't see that, or at least we can't see it anywhere in his results.

   Do you see where in the stuff below it says that ns0 is getting its
   results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's
   195.234.42.1.

  No, and I don't even know what it would mean to be getting its
  results from ns1. ns0 is returning authoritative results. As you
  said, he seems to be willfully making no sense: getting its results
  from is useless nonsense. Which is weird because in certain ways he
  seems to know what he's talking about.

   At any rate, unless ns0 is really linked to ns1 as this guy claims,
   then I don't see how ns1 is relevant.

  It isn't relevant. It isn't in the picture. If it's in the picture for
  him, he's not testing with working servers.

   This is a subdomain
   “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net
   subdomain should NOT have its own MX record.

   Answer:

  mail.bcwebhost.net.  43200  A 173.164.65.200

   mail.bcwebhost.net. 43200  MX   0  
mail.bcwebhost.net.

  There is absolutely nothing wrong with this setup and I wish you could
  make this Spencer Jones idiot publish this claim in a DNS-centric
  place where he will be shamed (as opposed to a pretty dormant ML).
  Someone like Len

Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-27 Thread SM Admin
Hi Sandy,

Actually, you did catch something.  The section that starts with Authority.  
In his email he says Answer ns0.xname.org which I take to mean that he is 
getting that authorotative response from nso0.xname.org and not ns1.xname.org 
as you assume below.  Which doesn't make sense to me because I just ran the 
DNSStuff tool against ns0.xname.org and came up with the correct results.

ns0.xname.org. [195.234.42.1] (124ms)


Response from ns0.xname.org. [195.234.42.1]


Results found: 8
  Domain Type Class TTL Response time Answer
  Answer section:
  bcwebhost.net. NS IN 43200 124ms ns1.twisted4life.com.
  bcwebhost.net. NS IN 43200 124ms ns2.xname.org.
  bcwebhost.net. NS IN 43200 124ms bcw4.bcwebhost.net.
  bcwebhost.net. NS IN 43200 124ms ns0.xname.org.
  Additional section:
  ns0.xname.org. A IN 600 124ms 195.234.42.1
  ns2.xname.org. A IN 600 124ms 88.191.64.64
  bcw4.bcwebhost.net. A IN 43200 124ms 173.164.65.197
  ns2.xname.org.  IN 600 124ms 2a01:e0b:1:64:240:63ff:fee8:6155



And those servers all report the correct NS records, as well as all the gtld 
servers report the correct results.  So how did he get bad results?

Thanks,

Ben

  - Original Message -
  From: Sanford Whiteman
  To: Declude.JunkMail@declude.com
  Sent: Tuesday, November 27, 2012 4:36 PM
  Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS 
stuff


   In the end, he seems to be  saying that we have a name server
   giving wrong results, which would make sense, except I can't figure
   out which name servers he's referring to.  You'll see below where he
   says the NS0 name server points to NS1 and that will point to
   mail2.bcwebhost.net and your incorrect IP address, and I don't see
   that, do you?

  No.

  He's so far up his own... something... that he's decided upfront that
  it cannot be his problem, so he is willfully misreading the actual
  results.

  Look at this, from his message:

   Authority:
  xname.org.600   NS  ns2.xname.org.
  xname.org.600   NS  ns3.xtremeweb.de.
  xname.org.600   NS  ns0.xname.org.
  xname.org.600   NS  ns1.xname.org.

  He claims to be getting this information from ns1.xname.org. I'm sure
  he is. The question is WHY he is querying ns1.xname.org, since it does
  not appear in the parents at gtld-servers.net nor in any NS records
  returned by your NSs.

  I think you may have a chicken-egg situation where he is actually
  using a broken server to check for brokenness!

  Tell him this: at *..gtld-servers.net, your NSs are

  NS-record for bcwebhost.net:
  DNS server = bcw4.bcwebhost.net
  TTL = 172800 (2 days)
  NS-record for bcwebhost.net:
  DNS server = ns1.twisted4life.com
  TTL = 172800 (2 days)
  NS-record for bcwebhost.net:
  DNS server = ns0.xname.org
  TTL = 172800 (2 days)
  NS-record for bcwebhost.net:
  DNS server = ns2.xname.org
  TTL = 172800 (2 days)

  *AND* querying each of those NSs directly, the same list of NSs
  appears. Ask him if he differs with this. He can't.

  So why would ns1.xname.org even be on his mind? Why would he be
  hitting this server at all? Answer: he is not actually digging
  directly into your servers, but trusting his own, broken server. Which
  means he is not testing properly. What server is he using, anyway
  (never mind non-Comcast tools)?

  Now, I grant you, his server wouldn't be broken per se if you had
  set, say, a 30-day TTL somewhere. That would be your fault. But we
  don't see that, or at least we can't see it anywhere in his results.

   Do you see where in the stuff below it says that ns0 is getting its
   results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's
   195.234.42.1.

  No, and I don't even know what it would mean to be getting its
  results from ns1. ns0 is returning authoritative results. As you
  said, he seems to be willfully making no sense: getting its results
  from is useless nonsense. Which is weird because in certain ways he
  seems to know what he's talking about.

   At any rate, unless ns0 is really linked to ns1 as this guy claims,
   then I don't see how ns1 is relevant.

  It isn't relevant. It isn't in the picture. If it's in the picture for
  him, he's not testing with working servers.

   This is a subdomain
   “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net
   subdomain should NOT have its own MX record.

   Answer:

  mail.bcwebhost.net.  43200  A 173.164.65.200

   mail.bcwebhost.net. 43200  MX   0  
mail.bcwebhost.net.

  There is absolutely nothing wrong with this setup and I wish you could
  make this Spencer Jones idiot publish this claim in a DNS-centric
  place where he will be shamed (as opposed to a pretty dormant ML).
  Someone like Len

Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-27 Thread Sanford Whiteman
 Actually, you did catch something.  The section that starts with
 Authority.  In his email he says Answer ns0.xname.org which I
 take to mean that he is getting that authorotative response from
 nso0.xname.org and not ns1.xname.org as you assume below.

It means ns0.xname.org is part of the answer(s) to the question he
asked, i.e. the A record for ns0.xname.org.

Doesn't mean that is/is not the server queried.

-- S.



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.



Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff

2012-11-27 Thread Sanford Whiteman
 I remember Len Conrad from way back when, and I believe he could
 hand him his  Where would there be a DNS-centric list or forum where 
 Len hangs out?

Maybe the big ISC BIND newsgroup or something? But it doesn't have to
be him, it could be someone on the DNSStuff forums, too.

-- S.



---
This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type unsubscribe Declude.JunkMail.  The archives can be found
at http://www.mail-archive.com.