Hi, I switched 250 of our DNS servers from bind9 to powerdns today. Our log file are filled with malformed query domains like this:
Aug 16 13:45:43 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:45:44 rs2 pdns[13527]: Received a malformed qdomain from 164.128.223.28, '@.egger-dietikon.ch': dropping Aug 16 13:45:44 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:45:46 rs2 pdns[13527]: Received a malformed qdomain from 195.37.164.130, '@.kueste.de': dropping Aug 16 13:45:46 rs2 pdns[13527]: Received a malformed qdomain from 164.128.223.28, '@.egger-dietikon.ch': dropping Aug 16 13:45:46 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:45:48 rs2 pdns[13527]: Received a malformed qdomain from 82.149.228.70, 'bauble.%ANYDOMAIN.df-webhosting.de': dropping Aug 16 13:45:48 rs2 pdns[13527]: Received a malformed qdomain from 164.128.223.28, '@.egger-dietikon.ch': dropping Aug 16 13:45:48 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:45:49 rs2 pdns[13527]: Received a malformed qdomain from 195.50.140.69, '@.bizimalem.de': dropping Aug 16 13:45:50 rs2 pdns[13527]: Received a malformed qdomain from 82.149.224.2, '%ANYDOMAIN.df-webhosting.de': dropping Aug 16 13:45:50 rs2 pdns[13527]: Received a malformed qdomain from 212.175.13.113, '@.bizimalem.com': dropping Aug 16 13:45:50 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:45:51 rs2 pdns[13527]: Received a malformed qdomain from 85.10.206.176, '@.radsportsonntag.de': dropping Aug 16 13:45:52 rs2 pdns[13527]: Received a malformed qdomain from 164.128.223.28, '@.egger-dietikon.ch': dropping Aug 16 13:45:58 rs2 pdns[13527]: Received a malformed qdomain from 82.149.228.70, 'bauble.%ANYDOMAIN.df-webhosting.de': dropping Aug 16 13:46:00 rs2 pdns[13527]: Received a malformed qdomain from 208.66.195.18, 'www.crackingegg.com?sid=7a91cc0441a6eba534aff058491c4184': dropping Aug 16 13:46:00 rs2 pdns[13527]: Received a malformed qdomain from 194.40.39.227, '@.bizimalem.de': dropping Aug 16 13:46:01 rs2 pdns[13527]: Received a malformed qdomain from 194.25.0.61, '@.cj-light.de': dropping Aug 16 13:46:01 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:46:02 rs2 pdns[13527]: Received a malformed qdomain from 217.237.150.113, '@.medilas.ch': dropping Aug 16 13:46:02 rs2 pdns[13527]: Received a malformed qdomain from 195.50.140.69, '@.bizimalem.de': dropping Aug 16 13:46:03 rs2 pdns[13527]: Received a malformed qdomain from 208.66.195.18, 'www.crackingegg.com?sid=7a91cc0441a6eba534aff058491c4184': dropping Aug 16 13:46:03 rs2 pdns[13527]: Received a malformed qdomain from 194.40.39.212, '@.bizimalem.de': dropping Aug 16 13:46:03 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:46:04 rs2 pdns[13527]: Received a malformed qdomain from 217.237.150.113, '@.medilas.ch': dropping Aug 16 13:46:04 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Aug 16 13:46:06 rs2 pdns[13527]: Received a malformed qdomain from 164.128.36.54, '@.egger-dietikon.ch': dropping Recursion is allowed our recursion server is a djbdns server could that be a problem? All these domains seem to have an @ sign in them. If you need further infos or my pdns.conf please drop me an email. Regards Simon _______________________________________________ Pdns-users mailing list [email protected] http://mailman.powerdns.com/mailman/listinfo/pdns-users
