Watching requests to my authoritative servers running BIND, I'm seeing what appear to be broken resolvers regularly. The problem is with domains that use outsourced spam filtering like Postini or MX Logic, where the MX records for example.com get set to example.com.something1.mxlogicmx.net and such. What I'm seeing is that the resolver then turns around and asks my authoritative servers to resolve the ...mxlogicmx.net records (which of course it doesn't since I'm not MX Logic).
I just refuse such requests, but why would it even ask that? Isn't this just another way caches could be poisoned? The client resolver asked my server a question; it'd be easy to return an answer without any IP spoofing required. I also see resolvers that, when they get a request refused (e.g. for a domain that has been cancelled and removed from my servers), they just keep pounding away, making sometimes dozens of requests per second for the same thing. What broken behavior causes that? -- Chris Adams <[EMAIL PROTECTED]> Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but myself - that's enough trouble.
