[dns-operations] OT: NXDOMAIN / public resolvers and zen.spamhaus.org
Lyle Giese
lyle at lcrcomputer.net
Sun Mar 27 20:22:39 UTC 2011
On 03/27/11 11:58, Matthew Walker wrote:
> I recently noticed after switching my forwarders to public resolvers,
> that zen.spamhaus.org was returning NXDOMAIN.
>
> So, I began some basic testing, and it seems both GoogleDNS and Level3
> are returning NXDOMAIN when using a zen.spamhaus.org test domain.
> OpenDNS appears to be resolving zen.spamhaus.org without any issues.
>
> # google public dns
> $ host 107.178.203.192.zen.spamhaus.org 8.8.8.8
> Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN)
>
> $ host 107.178.203.192.zen.spamhaus.org 8.8.4.4
> Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN)
>
> # level3 dns
> $ host 107.178.203.192.zen.spamhaus.org 4.2.2.1
> Host 107.178.203.192.zen.spamhaus.org not found: 3(NXDOMAIN)
>
> # opendns
> $ host 107.178.203.192.zen.spamhaus.org 208.67.222.222
> 107.178.203.192.zen.spamhaus.org has address 127.0.0.2
>
> $ host 107.178.203.192.zen.spamhaus.org 208.67.220.220
> 107.178.203.192.zen.spamhaus.org has address 127.0.0.2
>
> So a word of warning if you do use public resolvers, that it might have
> unexpected results.
>
>
I have also seen it mentioned that using these public resolvers are not
appropriate for use with mail servers as they may give out answers for
non-existent domains. They want to push requests for non-existent
domains to a custom page for their ad or special search pages.
That behavior is not nice for mail servers. That's ok for end users
doing nothing more than web surfing.
Lyle Giese
LCR Computer Services, inc
More information about the dns-operations
mailing list