Re: broken ISP in china

On 19.02.13 10:25, Noel Butler wrote: One thing I need to point out, your SOA timings seem extreme... refresh 86400 drop that to 3h retry 3600, drop to 900 I don't see the reason for doing these, unless NOTIFY does not work, but in such case it's the NOTIFY that should be fixed... expire 60

Re: Registrar that supports self-run domains and provides DNSSEC support

Moving registration away from NetSol is documented at http://www.networksolutions.com/support/preparing-a-domain-name-for-a-transfer-out-of-network-solutions/ If you have a good number of domains, and that number changes frequently, you might want to consider CSC https://www.cscglobal.com/globa

OFF TOPIC Re: broken ISP in china

apparently you have no comprehension of OFF TOPIC I stopped reading at about the half dozen words because you once again went off on your OFF TOPIC rants. But each to our own, you hate it, many stand by it, its only fools like you who cant accept that, thats your problem not mine. Given that y

Re: Registrar that supports self-run domains and provides DNSSEC support

On Feb 18, 2013, at 15.32, Robert Moskowitz wrote: > Delving further into my challenges. > > Right now I use Network Solutions as my registrar. Just never changes as > they were the only show in town back then. > > But they don't seem to support DNSSEC protected domains, and even IPv6 glue >

Re: broken ISP in china

> I see no problem with your SPF IP records though so long as you dont try > use ns1. Ignoring most of Vernons anti SPF rhetoric, which BTW this > list is NOT the place for (go cry a river on mailop list), he is > correct that you shouldn't really be using PTR, or A for that mater, > just have yo

Re: [mailop] broken ISP in china

On 02/18/13 19:02, Tony Finch wrote: Lyle Giese wrote: Recently I moved this domain(lcrcomputer.net) to a registrar that suports DNSSEC and inserted the DS record for this domain. Was it signed before this point? I am wondering if this is a DNS response size problem - was the cause the additio

Re: broken ISP in china

Lyle Giese wrote: > > Recently I moved this domain(lcrcomputer.net) to a registrar that suports > DNSSEC and inserted the DS record for this domain. Was it signed before this point? I am wondering if this is a DNS response size problem - was the cause the addition of the DS record, or the additio

Re: Registrar that supports self-run domains and provides DNSSEC support

Robert Moskowitz wrote: > > Right now I use Network Solutions as my registrar. Just never changes as they > were the only show in town back then. > > But they don't seem to support DNSSEC protected domains, and even IPv6 glue > records are special requests, it seems. Have a look at http://wiki.g

Re: broken ISP in china

On Mon, 18 Feb 2013, Lyle Giese wrote: I am cross posting this as it might be a dns issue, but it effects email directly. And I am quite aware of the 'Great Chinese Firewall' and realized that may be a large part of the issue. LCR's mail filter and mail servers are all in the lcrcomputer.net

Re: broken ISP in china

On Mon, 2013-02-18 at 16:07 -0600, Lyle Giese wrote: > > Recently I moved this domain(lcrcomputer.net) to a registrar that > suports DNSSEC and inserted the DS record for this domain. I checked > DNSSEC via http://dnsviz.net and > http://dnssec-debugger.verisignlabs.com. Both show DNSSEC is w

Re: broken ISP in china

> From: Lyle Giese > attention and I tried to email the client in China and got this back: > > For , Site > (x.com.cn/) said: 559 sorry , your helo/ehlo and > domain in mail are invalid, you don't connect from there. (#5.5.9) > > Because this started within 24

Re: broken ISP in china

Hi-- On Feb 18, 2013, at 2:07 PM, Lyle Giese wrote: > Recently I moved this domain(lcrcomputer.net) to a registrar that suports > DNSSEC and inserted the DS record for this domain. I checked DNSSEC via > http://dnsviz.net and http://dnssec-debugger.verisignlabs.com. Both show > DNSSEC is wor

broken ISP in china

I am cross posting this as it might be a dns issue, but it effects email directly. And I am quite aware of the 'Great Chinese Firewall' and realized that may be a large part of the issue. LCR's mail filter and mail servers are all in the lcrcomputer.net domain. Recently I moved this domain(lc

Does ISC DLV option belong in internal view?

I am reading up on ISC DLV Registry. www.isc.org/solutions/dlv states this is for recursive servers. We are recommended to only use recursion for our internal view and have our external view set to "recursion no;". That said, does it matter where the bindkeys-file path is located: In the glo

Re: Registrar that supports self-run domains and provides DNSSEC support

I personally like NameCheap. Cheap, and good documentation (that you can use even if you go with someone else). - Original Message - From: Robert Moskowitz [mailto:r...@htt-consult.com] Sent: Monday, February 18, 2013 03:32 PM To: bind-users@lists.isc.org Subject: Registrar that suppo

Re: Registrar that supports self-run domains and provides DNSSEC support

On Mon, Feb 18, 2013 at 03:32:53PM -0500, Robert Moskowitz wrote: > My registration is up for renewal; it expires 4/6/13 so this is a > good time to move. But of course my domain is locked and I can't > see on NS account page how to change that. Dyn can probably help you with how do get NetSol to

Registrar that supports self-run domains and provides DNSSEC support

Delving further into my challenges. Right now I use Network Solutions as my registrar. Just never changes as they were the only show in town back then. But they don't seem to support DNSSEC protected domains, and even IPv6 glue records are special requests, it seems. My registration is up

Re: Difference between multiple NS and NS having multiple A

In message , Alexander Gurvitz writes: Is there any practical difference between the following two: example.com. NS ns1.example.com. example.com. NS ns2.example.com. ns1.example.com. A 1.1.1.1 ns2.example.com. A 1.1.1.2 example.com. NS ns.example.com. ns.example.com. A 1.1.1.1 ns.example.c

Re: chroot/etc/named/ directory?

On Wed, Feb 13, 2013 at 02:18:20PM -0500, Robert Moskowitz wrote: > > On 02/13/2013 01:44 PM, Lightner, Jeff wrote: > >Haven't done it on RHEL/CentOS 6.x yet but in RHEL5 with the bind-chroot > >installed I've always had: > >/var/named/chroot as the jail for BIND. > >/var/named/chroot/etc = Locat