I was just forwarded an e-mail from an internal department. The e-mail appears to be sent from [email protected] and the subject is: "Notice from ARIN". I'll post part of the e-mail below. I'm first trying to determine the legitimacy of the e-mail. Has anyone else received something like this? From what I can tell, the e-mail is telling us that the our reverse lookup zones are mis-configured (which very well might be true), and it appears that we're claiming we own an entire 16 bit address space, which we don't.
The 4 zones in question are: 196.69.208.in-addr.arpa 197.69.208.in-addr.arpa 198.69.208.in-addr.arpa 199.69.208.in-addr.arpa The e-mail repeats the results for each of the remaining zones. I took a look at the zone configuration but I can't seem to find where I might be able to modify the "authority section of the zone file" to resolve the issue. We do own the address space 208.69.196.0 - 208.69.199.255. It appears from the e-mail our configuration indicates we own the entire 208.69.x.x address space. Would someone be able to shed some light on this for me? ================================================================ E-mail content: This e-mail is to notify you that over the past 30 days, ARIN has been testing the individual reverse DNS zones within: 208.69.196.0 - 208.69.199.255 During this time, one or more of the authoritative nameservers have failed to resolve our reverse DNS queries. The testing data is found below our signature. Per ARIN policy 7.2, found at: *http://www.arin.net/policy/nrpm.html#seven2*<http://www.arin.net/policy/nrpm.html> ... ARIN is notifying you of the lameness in the DNS. We will continue to test the zones for the next 60 days. If the zones continue to be lame, ARIN will remove the delegations to your nameserver(s) for the IP address block. The testing methodology is described at: *http://www.arin.net/reference/lame_delegations.html*<http://www.arin.net/reference/lame_delegations.html> Please note: if you operate a network which is likely unreachable from ARIN's testing suite, you may receive lameness notifications, even though reverse DNS is working properly within the context of your network. In such cases, contact the ARIN Registration Services Help Desk to have your zones excluded from future testing. Please contact us with any questions or concerns. We can be reached via an e-mail to [email protected], or via telephone at +1 (703) 227-0660. Best regards, Registration Services Department American Registry for Internet Numbers Dear POC for NET-208-69-196-0-1, Testing occurred between 2008-06-01 06:44:22 through 2009-04-06 06:33:41 Domains that failed for Net Handle: NET-208-69-196-0-1 Nameserver tested: NS2.ALASKAUSA.ORG. 196.69.208.in-addr.arpa. - Empty Answer Expanded Description: RFC1035 section 4.1.1 defines the ANCOUNT field in the response header as "an unsigned 16 bit integer specifying the number of resource records in the answer section". When ARIN queried your name server for the in-addr.arpa domain referenced above, the ANCOUNT value was returned as 0, indicating no answer. Troubleshooting: One common cause is a misconfiguration in the authority section of the zone file. Please ensure your name server is not claiming authority for a /16 zone if you are not the registrant of the entire /16. There may be other reasons your name server is returning an ANCOUNT of 0. Please consult the documentation for your DNS server software to determine how to configure your name server to provide an answer for each reverse DNS zone it serves. ============================================= ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
