Hello Bjoern,
On 3 Aug 2015, at 12:39, Bjoern Franke wrote:
I disabled dnssec now, but lists.ffnw.de still produces problems on
our
slave |1|lists.ffnw.de||||||0||1 exists.
This is not about DNSSEC - the empty non-terminals are a requirement of
DNS itself. PowerDNS did not honour this requirement in the past.
lists.ffnw.de has address 37.120.176.207
lists.ffnw.de has IPv6 address 2a03:4000:6:8025::1
lists.ffnw.de mail is handled by 10 srv01.ffnw.de.
lists.ffnw.de mail is handled by 20 srv02.ffnw.de.
So if a user asks srv02.ffnw.de, he/she cannot connect to
lists.ffnw.de. The issue does not occur for ffnw.de which also has a
_domainkey.ffnw.de record.
If I understand this right, your problem is that ‘lists.ffnw.de’
stops matching your wildcard because of the empty non-terminal? If that
is the issue, just put ‘lists.ffnw.de’ with A/AAAA/MX like the
wildcard, into your zone.
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
_______________________________________________
Pdns-users mailing list
[email protected]
http://mailman.powerdns.com/mailman/listinfo/pdns-users
