[dns-operations] NXDOMAIN plus CNAME answer - works sometimes!?

Warren Kumari warren at kumari.net
Thu Mar 22 16:37:35 UTC 2018


On Thu, Mar 22, 2018 at 4:09 PM, Roy Arends <roy at dnss.ec> wrote:
>
>> On 22 Mar 2018, at 15:48, James Stevens <James.Stevens at jrcs.co.uk> wrote:
>>
>> But "amazonaws.com" /does/ exist, so surely authority from the COM zone /alone/ can't be cited to say the CNAME doesn't exist?
>
> Indeed.
>
> ns7.markmonitor.com is configured to be authoritative for _a_ com zone, not _the_ com zone. This server is misconfigured to do stupid DNS tricks.

I loves me some stupid DNS tricks, but this takes it far enough that
even *I* find it bletcherous...

W

>
> Roy
>
>
>
>>
>>
>> On 22/03/18 14:28, Roy Arends wrote:
>>> The ns7.markmonitor.com server has been configured to respond authoritatively for the com zone and for the cgma.org zone.
>> _______________________________________________
>> dns-operations mailing list
>> dns-operations at lists.dns-oarc.net
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>> dns-operations mailing list
>> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations



-- 
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf



More information about the dns-operations mailing list