[dns-operations] AXFR "policy"

Jim Reid jim at rfc1035.com
Fri Mar 25 09:07:18 UTC 2011

On 24 Mar 2011, at 22:48, Simon Munton wrote:

> As a matter of interest, why do you make it available for public  
> AXFR on all name servers if you don't want people to use it?

Just because a zone happens to be available for AXFR does not mean  
it's acceptable to take a copy, load into other name servers and then  
claim to "serve" the zone. It's naughty (some might say evil) to  
provide authoritative answers for zones that have not been properly  
delegated to you.

I might sometimes leave my front door unlocked but that doesn't mean  
visitors are welcome to come in and wander around my house without  
asking me beforehand.

More information about the dns-operations mailing list