On Tue, May 16, 2023 at 11:27:52AM -0400, Alex via Postfix-users wrote:
> > > $ host info.apr.gov.rs
> > > Host info.apr.gov.rs not found: 2(SERVFAIL)
>
> There's definitely a problem with their name servers, but it also seems my
> version of bind is not permissive enough for such failures, although my
> bind-9.16.38 system is, using the same configuration.
The problems with their DNS are:
- ns1.apr.gov.rs: EDNS(0) option intolerance, but returns
FORMERR, so fallback to non-EDNS queries should (and does) work.
$ dig -t a +nocomment +nocookie +nostats +nocmd +norecur +nocl +nottl
@ns1.apr.gov.rs info.apr.gov.rs.
;info.apr.gov.rs. IN A
info.apr.gov.rs. A 195.178.56.17
Disabling use of cookies in your BIND configuration would suffice.
- ns2.apr.gov.rs: Supports EDNS(0), but returns SERVFAIL to all
queries.
$ dig -t a +noall +comment +norecur +noedns +nocl +nottl
@ns2.apr.gov.rs info.apr.gov.rs.
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 42971
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> Public name servers also appear to have no issues. I'm currently
> researching these FORMERR messages.
Turn off coookies for queries to this domain, or generally.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
