Don't get so defensive, I was not questioning your knowledge on DNS. Perhaps your assumption that I do not know about DNS is of concern though. I know quite a bit about DNS and I have been building running ISPs for over 10 years. I also work with other ISPs and network engineers across the globe. I am well versed on DNS and I don't need a tutorial or any other info on it. My question was not about DNS it was about how to disable a domain in IMail (I am far from an expert on IMail). I know very well that I could have used DNS to try to accomplish part of the goal, however, that was not my question or my intent.
BIND is not a commercial solution and it can be compiled to do just about anything you want it to do (and yes I realize there are commercial DNS solutions that are "based" on BIND). P.S. Yes, I have seen your websites, they are very nice for people that don't know much about DNS and quite handy (even for people that do know about DNS) if you don't have access to dig and other free DNS tools available in Unix. Good work. On Tue, 02 Dec 2003 07:34:04 -0500, you wrote: > >> >Just an FYI -- the idea of uncontrolled "DNS propagation" is mostly a >> >myth. The amount of time between making a DNS change and having the DNS >> >entries used by 100% of the Internet is under your control in most >> >cases. Essentially, it's [1] the TTL value for the DNS record in question >> >plus [2] the amount of time it takes your backup DNS servers to update when >> >the information is changed on the primary DNS server. > >>Low TTL's are definitely not the solution IMO. > >It's not a solution -- it's just there. You're the one that complained >about DNS propagation time, and I was just clarifying the issue. It's the >same whether you have a low TTL or a high TTL. > >>Not just some, but many providers override it. > >FWIW, I know a lot about DNS (have you been to http://www.DNSreport.com or >http://www.DNSstuff.com lately?), both from what I've learned over the >years, and from problems people have come to me with. > >Although I have often heard rumors (like yours!) that "many ISPs" will >cache DNS beyond what they are supposed to, I haven't seen a single >confirmed case. Don't say "Many providers override it"; say "I think many >providers override it" or "I've heard that many providers override >it." I've already told you about the many rumors and no facts, now you're >just stating your opinion without backing it up. If you can back it up, >that's great -- it would be nice to have evidence of this. > > > In addition, super low default TTLs on very busy and populated DNS >servers can cause quite a load. > >I never said super low TTLs were a good thing. :) My advice applies >whether you have a 60 second TTL or a 86400 (1 day) TTL. The reason DNS >caching was designed was to reduce the load, so low TTLs are normally >frowned upon. > >FWIW, many major sites are down to 1 hour TTLs. Google is at 1 hour; ARIN >(network gurus!) are at 3 hours (they were at 1 hour). Common belief is >that they do this in case of attacks. I don't buy that, but who knows? > >>Many times I have lowered TTLs temporarily anticipating a change, >>however, I would not make a practice of it permanently. > >And that's great for you -- but provides absolutely no information. :) > >I think the problem for many of the people who think there is a DNS caching >conspiracy is that they don't realize that you can't change the TTL after a >DNS record is cached somewhere. So if you've had a 24 hour TTL on your MX >record for months now, and change it to 1 hour, you have to wait 24 hours >before all DNS servers will have the new TTL. It's only after the *old* >TTL expires that the new one will take effect. > >That causes a major problem in troubleshooting other people's DNS >issues. When someone says "Yeah, I lowered the TTL to 1 hour, but it is >still cached at many places!", it is impossible to find the old TTL unless >someone happens to remember it. > >AFAIK, there aren't any commercial DNS programs (BIND, Microsoft DNS, etc.) >that can violate the RFCs by altering the TTL value. I'm sure there are >some people out there that do it (someone suggested that RoadRunner is >doing this -- which wouldn't surprise me). But there is no hard evidence yet. > > -Scott >--- >Declude JunkMail: The advanced anti-spam solution for IMail mailservers. >Declude Virus: Catches known viruses and is the leader in mailserver >vulnerability detection. >Find out what you've been missing: Ask about our free 30-day evaluation. > >--- >[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] > > >To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html >List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ >Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
