[dns-operations] AXFR "policy"
jim at rfc1035.com
Fri Mar 25 09:07:18 UTC 2011
On 24 Mar 2011, at 22:48, Simon Munton wrote:
> As a matter of interest, why do you make it available for public
> AXFR on all name servers if you don't want people to use it?
Just because a zone happens to be available for AXFR does not mean
it's acceptable to take a copy, load into other name servers and then
claim to "serve" the zone. It's naughty (some might say evil) to
provide authoritative answers for zones that have not been properly
delegated to you.
I might sometimes leave my front door unlocked but that doesn't mean
visitors are welcome to come in and wander around my house without
asking me beforehand.
More information about the dns-operations