I recently checked "No Recursion" in Win2K DNS (Advanced Tab) so
that my DNS server would act as DNS only for domains for which my
DNS server was SOA in order to deny third parties the ability to use
my DNS server for DOS attacks and so on.
All users reported that they could no longer send or receive e-mail
apart from those sent by other domains for which my DNS server was
SOA. Un-check No Recursion and the mail started flowing again.
Any way around this?
With MS DNS? no, recursion is either on or off. With a firewall, you
can leave MS DNS recursion on and block access from internet to port 53.
Use DNS like BIND that allows recursion restricted by ACL, eg, for
your subnet.
Len
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
