[dns-operations] The strange case of fox.com
rgoodson at gronkulator.com
Wed Mar 2 00:29:01 UTC 2016
On 3/1/16 3:24 PM, Dave Warren wrote:
> On 2016-03-01 12:37, Robert Edmonds wrote:
>> Mark Andrews wrote:
>>> And if the same notice went out with "you have 28 days to correct
>>> this or the delegation will be removed from the com zone" and this
>>> was just followed through what would the effect be? There are no
>>> checks as balances in the system. Sometimes you need to break the
>>> zone completely to get the zone fixed.
>> Sounds like a great phishing campaign. "You have 28 days to correct this
>> or your domain name will be removed. Click here to login and fix it."
> ICANN already forces this issue with the mandatory WHOIS verification
> emails, complete with disabling your domain if they bounce and nothing
> is done about it.
That's a positive step, but it certainly doesn't guarantee that the
WHOIS contact knows anything about the DNS, or will respond to emails.
I've been reading this thread with some interest, as this used to be a
small but significant portion of my previous job at a cable company.
Mostly small domains, however.
Typically, we'd get a NOC ticket from somebody like Joe the Plumber
about their domain joesplumbing.com being intermittently resolvable on
our name servers. I would investigate and then respond with a
multi-paragraph email about how their domain was messed up and exactly
how to fix it. Sometimes the domain would be fixed and sometimes not.
Occasionally, the ticket would be about a higher traffic domain and not
instigated by the domain owner (or responsible party). Those were more
difficult. The most difficult time I ever had was with capitalone.com
being intermittently resolvable. This was because the name servers for
capitalone.com were in a subdomain of capitalone.com,
(wpex.capitalone.com, if I remember correctly), then the name servers
themselves had no A records. I sent emails to every whois contact for
the domain, as well as hostmaster, postmaster,
root at every.name.server.they.had, etc. and no response. I went so far as
to call physical phone numbers and was told that their DNS hosting was
outsourced (no idea if that was accurate). I finally "fixed" it
(stopped the complaining) by making all my recursive name servers
authoritative for one of their name servers names, so at least we would
have an IP as a sort of glue record to follow.
Roughly a year and a half after this incident, I saw a job posting for a
DNS expert at Capital One. I was able to remove the authoritative
record from my customer resolvers shortly afterwards.
I noticed that there was a huge upswing of these complaints after March
10, 2010, after Verisign made the change to glue no longer being
promoted to authoritative
I never really saw them before, but saw them all the time afterwards.
More information about the dns-operations