is your host or dhcp server sending dns dynamic updates for rfc1918?

Simon Higgs simon at higgs.com
Sat Apr 20 05:14:37 UTC 2002


At 06:41 PM 4/19/2002 -0700, Pete Ehlke wrote:

>On Fri, Apr 19, 2002 at 06:32:58PM -0700, Simon Higgs wrote:
> >
> > SOAs with bogus.domain.names pointing to 127.0.0.1 appear to be causing
> > email to bounce (amongst other things).
>
>Ermm... Do you have any actual evidence for this assertion?

Not yet. But the common thread to this is that every domain that vanishes 
(and causes email to bounce) has got a bogus MNAME entry (i.e. MNAME is 
unroutable). This isn't a root specific problem as legacy root users have 
reported this problem alongside ORSC users. The bogus MNAME may be a red 
herring, but it's what we're looking at as a possible common cause.

>An mta that
>examines MNAME is horribly, horribly broken. I can't imagine anything
>but the worst sort of spamware actually doing this.

Yes, but given that all software is broken by nature, and that there is a 
filing cabinet full of CERT advisories, why would you be surprised at 
either SendMail or BIND being the culprit under certain circumstances? 
Maybe even for a totally different reason.



Best Regards,

Simon

--
###




More information about the NANOG mailing list