[dns-operations] OT: NXDOMAIN / public resolvers and zen.spamhaus.org

Jelte Jansen jelte at isc.org
Tue Mar 29 08:00:35 UTC 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/28/2011 12:50 PM, Stephane Bortzmeyer wrote:
> 
>> If you are using a free "open DNS resolver" service such as Google
>> Public DNS or Level3's public DNS servers to resolve your DNSBL
>> requests, in most cases you will receive a "not listed" (NXDOMAIN)
>> reply
> 
> Which is blatantly false for Google Public DNS.

as already mentioned, whether this is a lie kind of depends on how you
interpret it; they don't explicitly mention that this behaviour is
caused by their own servers, not google; for users, this distinction may
not really matter (since the workaround is not to use it either way).

It would be nice if they add something like 'our responses do not follow
the implicit 'one global namespace that is equal for all' assumption
that you make when using a public resolver.

I wonder if they would consider supporting google's ip-client draft,
should it get traction.

Jelte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk2RkaMACgkQ4nZCKsdOncXVUQCbB77hBnILC7Hr/aq4u71Pm5h9
ZlUAn2NLj48oElwfs+n8C2O+AtGzC8Dt
=OAw6
-----END PGP SIGNATURE-----



More information about the dns-operations mailing list