First, I want to thank Shaun and Sandy for truly useful replies.  Next, below 
is a response from someone at Comcast – presumably an engineer of some sort. 
I’m trying to fit together his comments (I find his tone pretty argumentative) 
with the points made here.  For examples, Shaun seems to have shown that 
Comcast can intercept A-calls and I know that Comcast told me three years ago 
they intercept some calls, and yet here is this guy claiming it’s impossible.

One thing Spencer has correct is a problem with ns1.xname.org.  I have 
secondary DNS services set up with xname and twisted4life and I noticed last 
week that of the three xname servers (ns0, ns1, ns2), ns1 frequently had an old 
serial number.  One day it would be 131 or something similar, which is about 
correct, and then the next day it would be 120, which is old.  So last weekend 
I removed all references to ns1 (but kept ns0 and ns2 as secondaries) from our 
server and the registrar accounts.  Really, by the time Spencer wrote to me 
yesterday afternoon, he shouldn’t have seen any references to ns1.xname.org.

Any comments?



From: Jones, Spencer
Sent: Wednesday, November 21, 2012 2:39 PM
To: b...@bcwebhost.net
Cc: Self, Andrew
Subject: FW: DNS zone files for BC Web LLC (Ben Bednarz)


            As to what you have below. Your MX record does point to a host 
name, but then that subdomain that does point to an A record and should ONLY 
point to an A record has an MX record of its own. This is NOT set up correctly, 
and WILL create issues. As far as our DNS servers intercepting DNS request 
traffic. That is not possible. If I make a DNS request it will go to, 
and if that server does not know the answer it goes to one of the 13 ROOT 
servers, then if the root server does not know the IP it goes to the TLD 
servers, they know the NS of the domain and go to that IP to get the answer if 
they do not know it. That is it, our servers can not and would have no way to 
know what traffic is going across the Comcast network, and then pull in packets 
that are DNS requests. Tens of  thousands of people on Comcast’s network run 
DNS servers, including me and I do not have an issue. I bind to NASA’s ROOT 
server and everything pulls from there. I also host a Name Server on the 
network and never have I had a request answered by another NS. How do you 
suspect that our servers intercept traffic meant for your IP address, but only 
yours and only if it is a DNS request, and not any other traffic? Please show 
the 2 domain query’s below to your DNS expert and see if he feels that is 
correct that the subdomain points to itself. I am sorry you are having this 
issue but forward records of zone files we do not host CAN NOT be our issue, 
and in no way can ANY DNS server intercept a packet meant for another IP 
address. I see five name servers below for this domain and when I look up 
mail.bcwebhost.net on ns1.xname.org it gives me the answer of 
mail2.bcwebhost.net. So I found your issue and as I said it is NOT a Comcast 

Query: bcwebhost.net.      Query type: Any record

Recursive query: Yes     Authoritative answer: Yes

Query time: 188 ms.         Server name: n/a


       bcwebhost.net.             43200  A

       bcwebhost.net.             43200  NS    bcw4.bcwebhost.net.

       bcwebhost.net.             43200  NS    ns0.xname.org.

       bcwebhost.net.             43200  NS    ns2.xname.org.

       bcwebhost.net.             43200  NS    ns1.twisted4life.com.

       bcwebhost.net.             43200  SOA  bcw4.bcwebhost.net.


        ; serial

      ; refresh (6 hours)

       ; retry (1 hour)

    ; expire (28 days)

      ; minimum (12 hours)

       bcwebhost.net.             43200  MX    0  mail.bcwebhost.net.

       bcwebhost.net.             43200  TXT  "v=spf1 a mx a:bcw5, a:bcw6, 
a:mail1 ip4: -all"


       bcw4.bcwebhost.net.    43200  A

       ns2.xname.org.              19        A

       ns1.twisted4life.com.     1224    A

                mail.bcwebhost.net. 43200      A    

ns1.xname.org.        600          A    

ns0.xname.org.        600          A    

Query: mail.bcwebhost.net.       Query type: Any record

Recursive query: Yes            Authoritative answer: Yes

Query time: 125 ms.                 Server name: ns1.xname.org


       mail.bcwebhost.net.              43200  MX  0  mail2.bcwebhost.net.


                mail2.bcwebhost.net.               43200      A     

Query: mail.bcwebhost.net.       Query type: Any record

Recursive query: Yes            Authoritative answer: Yes

Query time: 234 ms.                 Server name: n/a


       mail.bcwebhost.net.              43200  A

                mail.bcwebhost.net. 43200      MX           0  

This E-mail came from the Declude.JunkMail mailing list.  To
unsubscribe, just send an E-mail to imail...@declude.com, and
type "unsubscribe Declude.JunkMail".  The archives can be found
at http://www.mail-archive.com.

Reply via email to