Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
Hi Ben, Spam only to a server that no longer has MX records pointing to it isn’t really a surprise. Spammers have been known to cache MX records and continue to spam them long after an MX record is changed. The rationale behind that may be to bypass spam filtering gateways that have placed in front of a mail server. Darin. From: SM Admin Sent: Friday, November 30, 2012 7:52 PM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff Hi Sandy, I forwarded your last reply to Comcast but haven't heard from anyone there since that last message where the tech says he can't help me any further. At this point, I'd sure like to fight with them some more just because of the obnoxious replies by Mr. Jones, but I'm not sure it's worth the time. What I've notice is that while I continue to get a trickle of messages showing up at the old mail server, since last weekend they've only been spam. I'm not sure how, but it seems that some spammers are still latched on to the wrong (out of date) DNS information. Strange, huh? Thanks again for all your help and the same for Shaun. Ben - Original Message - From: Sanford Whiteman To: Declude.JunkMail@declude.com Sent: Wednesday, November 28, 2012 7:24 PM Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff Ben, Thanks for running your questions by me. Feel free to forward this message to your Comcast rep. Even if he is unwilling to help you further, there is information below that will help him be more accurate in future cases, since he currently lacks sufficient understanding of DNS. Mr. Jones is seemingly unaware of the difference between a delegated subdomain and a hostname. This gap in understanding does call the other conclusions into question, and I would not consider his to be an expert-level response. NOTE: I don't know if Comcast is or is not ultimately at fault for your mail delivery problems, but I would advise you to look for more expert testimony. It's perfectly normal for a hostname to be both the label and the value of an MX record (i.e. to "be its own MX"). In fact, the RFC-specified behavior of SMTP is to connect to the hostname to deliver mail to user@hostname in the absence of an MX record. All you are doing by adding IN MX is specifying that which would already be assumed (and also taking advantage of the MX algorithm). So normal is this configuration that I was able to quickly dig these examples from large, reputable domains: mail.beta.army.mil IN MX 10 mail.beta.army.mil ajax1.rutgers.edu IN MX 10 ajax1.rutgers.edu web.mail.vt.edu IN MX 0 web.mail.vt.edu webmail.uic.edu IN MX 0 webmail.uic.edu mail.messaging.microsoft.com IN MX 10 mail.messaging.microsoft.com webmail.villanova.edu IN MX 0 webmail.villanova.edu smtp01in.umuc.edu IN MX 0 smtp01in.umuc.edu mta4.wiscmail.wisc.edu IN MX 0 mta4.wiscmail.wisc.edu mail.dotster.com IN MX 0 mail.dotster.com Good luck with your continued troubleshooting! -- Sandy --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
Hi Sandy, I forwarded your last reply to Comcast but haven't heard from anyone there since that last message where the tech says he can't help me any further. At this point, I'd sure like to fight with them some more just because of the obnoxious replies by Mr. Jones, but I'm not sure it's worth the time. What I've notice is that while I continue to get a trickle of messages showing up at the old mail server, since last weekend they've only been spam. I'm not sure how, but it seems that some spammers are still latched on to the wrong (out of date) DNS information. Strange, huh? Thanks again for all your help and the same for Shaun. Ben - Original Message - From: Sanford Whiteman To: Declude.JunkMail@declude.com Sent: Wednesday, November 28, 2012 7:24 PM Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff Ben, Thanks for running your questions by me. Feel free to forward this message to your Comcast rep. Even if he is unwilling to help you further, there is information below that will help him be more accurate in future cases, since he currently lacks sufficient understanding of DNS. Mr. Jones is seemingly unaware of the difference between a delegated subdomain and a hostname. This gap in understanding does call the other conclusions into question, and I would not consider his to be an expert-level response. NOTE: I don't know if Comcast is or is not ultimately at fault for your mail delivery problems, but I would advise you to look for more expert testimony. It's perfectly normal for a hostname to be both the label and the value of an MX record (i.e. to "be its own MX"). In fact, the RFC-specified behavior of SMTP is to connect to the hostname to deliver mail to user@hostname in the absence of an MX record. All you are doing by adding IN MX is specifying that which would already be assumed (and also taking advantage of the MX algorithm). So normal is this configuration that I was able to quickly dig these examples from large, reputable domains: mail.beta.army.mil IN MX 10 mail.beta.army.mil ajax1.rutgers.edu IN MX 10 ajax1.rutgers.edu web.mail.vt.edu IN MX 0 web.mail.vt.edu webmail.uic.edu IN MX 0 webmail.uic.edu mail.messaging.microsoft.com IN MX 10 mail.messaging.microsoft.com webmail.villanova.edu IN MX 0 webmail.villanova.edu smtp01in.umuc.edu IN MX 0 smtp01in.umuc.edu mta4.wiscmail.wisc.edu IN MX 0 mta4.wiscmail.wisc.edu mail.dotster.com IN MX 0 mail.dotster.com Good luck with your continued troubleshooting! -- Sandy --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
Ben, Thanks for running your questions by me. Feel free to forward this message to your Comcast rep. Even if he is unwilling to help you further, there is information below that will help him be more accurate in future cases, since he currently lacks sufficient understanding of DNS. Mr. Jones is seemingly unaware of the difference between a delegated subdomain and a hostname. This gap in understanding does call the other conclusions into question, and I would not consider his to be an expert-level response. NOTE: I don't know if Comcast is or is not ultimately at fault for your mail delivery problems, but I would advise you to look for more expert testimony. It's perfectly normal for a hostname to be both the label and the value of an MX record (i.e. to "be its own MX"). In fact, the RFC-specified behavior of SMTP is to connect to the hostname to deliver mail to user@hostname in the absence of an MX record. All you are doing by adding IN MX is specifying that which would already be assumed (and also taking advantage of the MX algorithm). So normal is this configuration that I was able to quickly dig these examples from large, reputable domains: mail.beta.army.mil IN MX 10 mail.beta.army.mil ajax1.rutgers.edu IN MX 10 ajax1.rutgers.edu web.mail.vt.edu IN MX 0 web.mail.vt.edu webmail.uic.edu IN MX 0 webmail.uic.edu mail.messaging.microsoft.com IN MX 10 mail.messaging.microsoft.com webmail.villanova.edu IN MX 0 webmail.villanova.edu smtp01in.umuc.edu IN MX 0 smtp01in.umuc.edu mta4.wiscmail.wisc.edu IN MX 0 mta4.wiscmail.wisc.edu mail.dotster.com IN MX 0 mail.dotster.com Good luck with your continued troubleshooting! -- Sandy --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
> I should add that the number of erroneous emails sent to the old mail server > has decreased. From Thursday through Saturday it went down to zero and I > was hoping the problem had gone away. Then it started up again on Sunday, > but at lower volume than before. Interestingly, most of the emails now > received at the old server are spam. In the last three days, I've only > received one email personally that was real mail and that went to the old > server. By comparison, a week ago I had to check my account on the old > server every hour. B/c we don't know if you accidentally had very long TTL on that bad nameserver (since the RR no longer exists at any of your authorities and we can't "wayback" it), it could be that that was the underlying problem. Nevertheless, the bizarre thinking of the Comcast person did not help matters. -- S. Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: sa...@cypressintegrated.com SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
I should add that the number of erroneous emails sent to the old mail server has decreased. From Thursday through Saturday it went down to zero and I was hoping the problem had gone away. Then it started up again on Sunday, but at lower volume than before. Interestingly, most of the emails now received at the old server are spam. In the last three days, I've only received one email personally that was real mail and that went to the old server. By comparison, a week ago I had to check my account on the old server every hour. Ben -Original Message- From: Sanford Whiteman Sent: Tuesday, November 27, 2012 6:09 PM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff > Actually, you did catch something. The section that starts with > "Authority". In his email he says "Answer ns0.xname.org" which I > take to mean that he is getting that authorotative response from > nso0.xname.org and not ns1.xname.org as you assume below. It means "ns0.xname.org" is part of the answer(s) to the question he asked, i.e. the A record for ns0.xname.org. Doesn't mean that is/is not the server queried. -- S. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
Just for your amusement, here is my latest exchange with Comcast (read the Comcast email first, then my response). ** Dear Mr. Jones, It does not surprise me that refuse to provide any further help. Your previous emails displayed a dismissive and confrontational attitude with a lack of any real interest in finding an answer. Your responses included technical errors, contradictory statements, and failed to address some of my key questions. As near as I can tell, you are claiming that Comcast cannot be responsible by simple proclamation. Unfortunately, the evidence continues to indicate that Comcast is in same way responsible. The volume of erroneous emails has decreased, so perhaps this was a temporary result of your recent change in DNS systems that is slowly improving – one can only hope. In the meanwhile, I would like a referral to someone else at Comcast who has both technical knowledge and some skill at customer relations. Perhaps you or one of the others CC’d on this email can provide that referral. Sincerely, Ben From: Jones, Spencer Sent: Wednesday, November 28, 2012 8:10 AM As I stated before good luck. I can help you no more. Spencer Jones Engineer II Enterprise Technical Support 7150 S. Fulton St, Centennial, CO 80112 -Original Message- From: Sanford Whiteman Sent: Tuesday, November 27, 2012 6:09 PM To: Declude.JunkMail@declude.com Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff > Actually, you did catch something. The section that starts with > "Authority". In his email he says "Answer ns0.xname.org" which I > take to mean that he is getting that authorotative response from > nso0.xname.org and not ns1.xname.org as you assume below. It means "ns0.xname.org" is part of the answer(s) to the question he asked, i.e. the A record for ns0.xname.org. Doesn't mean that is/is not the server queried. -- S. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
> I remember Len Conrad from way back when, and I believe he could > "hand him his" Where would there be a DNS-centric list or forum where > Len hangs out? Maybe the big ISC BIND newsgroup or something? But it doesn't have to be him, it could be someone on the DNSStuff forums, too. -- S. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
> Actually, you did catch something. The section that starts with > "Authority". In his email he says "Answer ns0.xname.org" which I > take to mean that he is getting that authorotative response from > nso0.xname.org and not ns1.xname.org as you assume below. It means "ns0.xname.org" is part of the answer(s) to the question he asked, i.e. the A record for ns0.xname.org. Doesn't mean that is/is not the server queried. -- S. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
Hi Sandy, Actually, you did catch something. The section that starts with "Authority". In his email he says "Answer ns0.xname.org" which I take to mean that he is getting that authorotative response from nso0.xname.org and not ns1.xname.org as you assume below. Which doesn't make sense to me because I just ran the DNSStuff tool against ns0.xname.org and came up with the correct results. ns0.xname.org. [195.234.42.1] (124ms) Response from ns0.xname.org. [195.234.42.1] Results found: 8 Domain Type Class TTL Response time Answer Answer section: bcwebhost.net. NS IN 43200 124ms ns1.twisted4life.com. bcwebhost.net. NS IN 43200 124ms ns2.xname.org. bcwebhost.net. NS IN 43200 124ms bcw4.bcwebhost.net. bcwebhost.net. NS IN 43200 124ms ns0.xname.org. Additional section: ns0.xname.org. A IN 600 124ms 195.234.42.1 ns2.xname.org. A IN 600 124ms 88.191.64.64 bcw4.bcwebhost.net. A IN 43200 124ms 173.164.65.197 ns2.xname.org. IN 600 124ms 2a01:e0b:1:64:240:63ff:fee8:6155 And those servers all report the correct NS records, as well as all the gtld servers report the correct results. So how did he get bad results? Thanks, Ben - Original Message - From: Sanford Whiteman To: Declude.JunkMail@declude.com Sent: Tuesday, November 27, 2012 4:36 PM Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff > In the end, he seems to be saying that we have a name server > giving wrong results, which would make sense, except I can't figure > out which name servers he's referring to. You'll see below where he > says "the NS0 name server points to NS1 and that will point to > mail2.bcwebhost.net and your incorrect IP address," and I don't see > that, do you? No. He's so far up his own... something... that he's decided upfront that it cannot be his problem, so he is willfully misreading the actual results. Look at this, from his message: > Authority: >xname.org.600 NS ns2.xname.org. >xname.org.600 NS ns3.xtremeweb.de. >xname.org.600 NS ns0.xname.org. >xname.org.600 NS ns1.xname.org. He claims to be getting this information from ns1.xname.org. I'm sure he is. The question is WHY he is querying ns1.xname.org, since it does not appear in the parents at gtld-servers.net nor in any NS records returned by your NSs. I think you may have a chicken-egg situation where he is actually using a broken server to check for brokenness! Tell him this: at *..gtld-servers.net, your NSs are NS-record for bcwebhost.net: DNS server = bcw4.bcwebhost.net TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns1.twisted4life.com TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns0.xname.org TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns2.xname.org TTL = 172800 (2 days) *AND* querying each of those NSs directly, the same list of NSs appears. Ask him if he differs with this. He can't. So why would ns1.xname.org even be on his mind? Why would he be hitting this server at all? Answer: he is not actually digging directly into your servers, but trusting his own, broken server. Which means he is not testing properly. What server is he using, anyway (never mind "non-Comcast tools")? Now, I grant you, his server wouldn't be "broken" per se if you had set, say, a 30-day TTL somewhere. That would be your fault. But we don't see that, or at least we can't see it anywhere in his results. > Do you see where in the stuff below it says that ns0 is getting its > results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's > 195.234.42.1. No, and I don't even know what it would mean to be "getting its results from ns1." ns0 is returning authoritative results. As you said, he seems to be willfully making no sense: "getting its results from" is useless nonsense. Which is weird because in certain ways he seems to know what he's talking about. > At any rate, unless ns0 is really linked to ns1 as this guy claims, > then I don't see how ns1 is relevant. It isn't relevant. It isn't in the picture. If it's in the picture for him, he's not testing with working servers. > This is a subdomain > “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net > subdomain should NOT have its own MX record. > Answer: >mail.bcwebhost.net. 43200 A 173.164.65.200 > mail.bcwebhost.net. 43200
Re: Fw: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
> To answer Shaun's question, you'll see that we only have ns0 and > ns2 for xname.org and ns1.xname.org is removed. So it shouldn't be > a problem. It isn't close to a problem. It isn't helping matters to have your ostensible allies misread one hostname as another! > Actually, I tried nslookup on ns1.xname.org this afternoon and it just wasn't > responding at all. It's probably best to stop even saying "ns1.xname.org" because it seems to be prompting people to think it's there, when it's not. -- S. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
Hi Sandy, Actually, you did catch something. The section that starts with "Authority". In his email he says "Answer ns0.xname.org" which I take to mean that he is getting that authorotative response from nso0.xname.org and not ns1.xname.org as you assume below. Which doesn't make sense to me because I just ran the DNSStuff tool against ns0.xname.org and came up with the correct results. ns0.xname.org. [195.234.42.1] (124ms) Response from ns0.xname.org. [195.234.42.1] Results found: 8 Domain Type Class TTL Response time Answer Answer section: bcwebhost.net. NS IN 43200 124ms ns1.twisted4life.com. bcwebhost.net. NS IN 43200 124ms ns2.xname.org. bcwebhost.net. NS IN 43200 124ms bcw4.bcwebhost.net. bcwebhost.net. NS IN 43200 124ms ns0.xname.org. Additional section: ns0.xname.org. A IN 600 124ms 195.234.42.1 ns2.xname.org. A IN 600 124ms 88.191.64.64 bcw4.bcwebhost.net. A IN 43200 124ms 173.164.65.197 ns2.xname.org. IN 600 124ms 2a01:e0b:1:64:240:63ff:fee8:6155 And those servers all report the correct NS records, as well as all the gtld servers report the correct results. So how did he get bad results? Thanks, Ben - Original Message - From: Sanford Whiteman To: Declude.JunkMail@declude.com Sent: Tuesday, November 27, 2012 4:36 PM Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff > In the end, he seems to be saying that we have a name server > giving wrong results, which would make sense, except I can't figure > out which name servers he's referring to. You'll see below where he > says "the NS0 name server points to NS1 and that will point to > mail2.bcwebhost.net and your incorrect IP address," and I don't see > that, do you? No. He's so far up his own... something... that he's decided upfront that it cannot be his problem, so he is willfully misreading the actual results. Look at this, from his message: > Authority: >xname.org.600 NS ns2.xname.org. >xname.org.600 NS ns3.xtremeweb.de. >xname.org.600 NS ns0.xname.org. >xname.org.600 NS ns1.xname.org. He claims to be getting this information from ns1.xname.org. I'm sure he is. The question is WHY he is querying ns1.xname.org, since it does not appear in the parents at gtld-servers.net nor in any NS records returned by your NSs. I think you may have a chicken-egg situation where he is actually using a broken server to check for brokenness! Tell him this: at *..gtld-servers.net, your NSs are NS-record for bcwebhost.net: DNS server = bcw4.bcwebhost.net TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns1.twisted4life.com TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns0.xname.org TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns2.xname.org TTL = 172800 (2 days) *AND* querying each of those NSs directly, the same list of NSs appears. Ask him if he differs with this. He can't. So why would ns1.xname.org even be on his mind? Why would he be hitting this server at all? Answer: he is not actually digging directly into your servers, but trusting his own, broken server. Which means he is not testing properly. What server is he using, anyway (never mind "non-Comcast tools")? Now, I grant you, his server wouldn't be "broken" per se if you had set, say, a 30-day TTL somewhere. That would be your fault. But we don't see that, or at least we can't see it anywhere in his results. > Do you see where in the stuff below it says that ns0 is getting its > results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's > 195.234.42.1. No, and I don't even know what it would mean to be "getting its results from ns1." ns0 is returning authoritative results. As you said, he seems to be willfully making no sense: "getting its results from" is useless nonsense. Which is weird because in certain ways he seems to know what he's talking about. > At any rate, unless ns0 is really linked to ns1 as this guy claims, > then I don't see how ns1 is relevant. It isn't relevant. It isn't in the picture. If it's in the picture for him, he's not testing with working servers. > This is a subdomain > “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net > subdomain should NOT have its own MX record. > Answer: >mail.bcwebhost.net. 43200 A 173.164.65.200 > mail.bcwebhost.net. 43200
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
I remember Len Conrad from way back when, and I believe he could "hand him his" Where would there be a DNS-centric list or forum where Len hangs out? Thanks, Ben - Original Message - From: Sanford Whiteman To: Declude.JunkMail@declude.com Sent: Tuesday, November 27, 2012 4:36 PM Subject: Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff > In the end, he seems to be saying that we have a name server > giving wrong results, which would make sense, except I can't figure > out which name servers he's referring to. You'll see below where he > says "the NS0 name server points to NS1 and that will point to > mail2.bcwebhost.net and your incorrect IP address," and I don't see > that, do you? No. He's so far up his own... something... that he's decided upfront that it cannot be his problem, so he is willfully misreading the actual results. Look at this, from his message: > Authority: >xname.org.600 NS ns2.xname.org. >xname.org.600 NS ns3.xtremeweb.de. >xname.org.600 NS ns0.xname.org. >xname.org.600 NS ns1.xname.org. He claims to be getting this information from ns1.xname.org. I'm sure he is. The question is WHY he is querying ns1.xname.org, since it does not appear in the parents at gtld-servers.net nor in any NS records returned by your NSs. I think you may have a chicken-egg situation where he is actually using a broken server to check for brokenness! Tell him this: at *..gtld-servers.net, your NSs are NS-record for bcwebhost.net: DNS server = bcw4.bcwebhost.net TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns1.twisted4life.com TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns0.xname.org TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns2.xname.org TTL = 172800 (2 days) *AND* querying each of those NSs directly, the same list of NSs appears. Ask him if he differs with this. He can't. So why would ns1.xname.org even be on his mind? Why would he be hitting this server at all? Answer: he is not actually digging directly into your servers, but trusting his own, broken server. Which means he is not testing properly. What server is he using, anyway (never mind "non-Comcast tools")? Now, I grant you, his server wouldn't be "broken" per se if you had set, say, a 30-day TTL somewhere. That would be your fault. But we don't see that, or at least we can't see it anywhere in his results. > Do you see where in the stuff below it says that ns0 is getting its > results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's > 195.234.42.1. No, and I don't even know what it would mean to be "getting its results from ns1." ns0 is returning authoritative results. As you said, he seems to be willfully making no sense: "getting its results from" is useless nonsense. Which is weird because in certain ways he seems to know what he's talking about. > At any rate, unless ns0 is really linked to ns1 as this guy claims, > then I don't see how ns1 is relevant. It isn't relevant. It isn't in the picture. If it's in the picture for him, he's not testing with working servers. > This is a subdomain > “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net > subdomain should NOT have its own MX record. > Answer: >mail.bcwebhost.net. 43200 A 173.164.65.200 > mail.bcwebhost.net. 43200 MX 0 mail.bcwebhost.net. There is absolutely nothing wrong with this setup and I wish you could make this Spencer Jones idiot publish this claim in a DNS-centric place where he will be shamed (as opposed to a pretty dormant ML). Someone like Len Conrad could hand him his -- S. --- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: sa...@cypressintegrated.com SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail".
Re: [Declude.JunkMail] Fw: Deciphering Comcast reply on weird DNS stuff
> In the end, he seems to be saying that we have a name server > giving wrong results, which would make sense, except I can't figure > out which name servers he's referring to. You'll see below where he > says "the NS0 name server points to NS1 and that will point to > mail2.bcwebhost.net and your incorrect IP address," and I don't see > that, do you? No. He's so far up his own... something... that he's decided upfront that it cannot be his problem, so he is willfully misreading the actual results. Look at this, from his message: > Authority: >xname.org.600 NS ns2.xname.org. >xname.org.600 NS ns3.xtremeweb.de. >xname.org.600 NS ns0.xname.org. >xname.org.600 NS ns1.xname.org. He claims to be getting this information from ns1.xname.org. I'm sure he is. The question is WHY he is querying ns1.xname.org, since it does not appear in the parents at gtld-servers.net nor in any NS records returned by your NSs. I think you may have a chicken-egg situation where he is actually using a broken server to check for brokenness! Tell him this: at *..gtld-servers.net, your NSs are NS-record for bcwebhost.net: DNS server = bcw4.bcwebhost.net TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns1.twisted4life.com TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns0.xname.org TTL = 172800 (2 days) NS-record for bcwebhost.net: DNS server = ns2.xname.org TTL = 172800 (2 days) *AND* querying each of those NSs directly, the same list of NSs appears. Ask him if he differs with this. He can't. So why would ns1.xname.org even be on his mind? Why would he be hitting this server at all? Answer: he is not actually digging directly into your servers, but trusting his own, broken server. Which means he is not testing properly. What server is he using, anyway (never mind "non-Comcast tools")? Now, I grant you, his server wouldn't be "broken" per se if you had set, say, a 30-day TTL somewhere. That would be your fault. But we don't see that, or at least we can't see it anywhere in his results. > Do you see where in the stuff below it says that ns0 is getting its > results from ns1? The IP of ns1 is 178.33.255.252 and for ns0 it's > 195.234.42.1. No, and I don't even know what it would mean to be "getting its results from ns1." ns0 is returning authoritative results. As you said, he seems to be willfully making no sense: "getting its results from" is useless nonsense. Which is weird because in certain ways he seems to know what he's talking about. > At any rate, unless ns0 is really linked to ns1 as this guy claims, > then I don't see how ns1 is relevant. It isn't relevant. It isn't in the picture. If it's in the picture for him, he's not testing with working servers. > This is a subdomain > “ANYTHING.DOMAIN.TLD” is a subdomain and your mail.bcwebhost.net > subdomain should NOT have its own MX record. > Answer: >mail.bcwebhost.net. 43200 A 173.164.65.200 > mail.bcwebhost.net. 43200 MX 0 > mail.bcwebhost.net. There is absolutely nothing wrong with this setup and I wish you could make this Spencer Jones idiot publish this claim in a DNS-centric place where he will be shamed (as opposed to a pretty dormant ML). Someone like Len Conrad could hand him his -- S. --- Sanford Whiteman, Chief Technologist Broadleaf Systems, a division of Cypress Integrated Systems, Inc. e-mail: sa...@cypressintegrated.com SpamAssassin plugs into Declude! http://www.imprimia.com/products/software/freeutils/SPAMC32/download/release/ Defuse Dictionary Attacks: Turn Exchange or IMail mailboxes into IMail Aliases! http://www.imprimia.com/products/software/freeutils/exchange2aliases/download/release/ http://www.imprimia.com/products/software/freeutils/ldap2aliases/download/release/ --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.