Fake-root/view help needed

Smellycat s8sjggkf at yahoo.com
Fri Jan 27 18:12:21 UTC 2006


Hello, someone is using my DNS server and I imagine it is due to a
misconfiguration. I've contacted their 'abuse' department to see if they can
notify the person, but no response.

What I would like to do is, using views, set up a fake root so that all IP
addresses the user goes to will redirect to a specific website. On that
website I will put a brief explanation that their machine is using the wrong
DNS server and needs to be reconfigured. I realize I could block their IP
and I do actually deny the queries, but I'd like to have the person fix
their machine. It's been like this for over a month.

Here is what I've done so far with BIND 9.2.4. 

view "restricted" {
# this is the single machine I want to redirect
        match-clients { 192.0.0.1; }; 

        recursion yes;

        zone "." IN {
                type master;
                file "fake-root";
                allow-query { any; };
        };
};

view "global" {
       match-clients { any; };

        zone "." IN {
                type hint;
                file "named.ca";
        };

  ... All my normal zones ...

}

I am confused on what to put in the fake-root zone file. Currently, I have:

### fake-root
$TTL 0
@ IN SOA fakens.mydomain.org. root.fakens.mydomain.org. (
                119 ; 10800 ; 360 ; 604800 ; 86400 ; )
                IN      NS      ns.mydomain.org.
ns              IN      A      192.1.1.4
ns.mydomain.org     IN      A       192.1.1.4
*               IN      A       192.1.1.130
### End fake-root

I'm not sure about the above - especially what the SOA should be for a fake
root. Also, when I try to test this with 'dig @ns.mydomain.org www.cnn.com'
(and changing the restricted IP to my own home machine) I get a ServFail.
I'm not sure if this is due to the syntax or what. I can see from the
querylog that I query, but I'm getting a Standard Query Response, ServFail
result.
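
An added example, not part of the original post: a minimal Python check of the posted fake-root file against the RFC 1035 master-file rules, where `;` starts a comment and parentheses continue a record across lines. It is a simplified sketch (no backslash escapes, no TTL unit suffixes such as `1h`, parentheses inside quotes are still counted), and the helper names are hypothetical.

```python
# Zone file from the post, verbatim (the "### fake-root" marker lines omitted).
FAKE_ROOT = """\
$TTL 0
@ IN SOA fakens.mydomain.org. root.fakens.mydomain.org. (
                119 ; 10800 ; 360 ; 604800 ; 86400 ; )
                IN      NS      ns.mydomain.org.
ns              IN      A      192.1.1.4
ns.mydomain.org     IN      A       192.1.1.4
*               IN      A       192.1.1.130
"""

def strip_comment(line):
    """Cut the line at the first ';' outside a quoted string (RFC 1035, 5.1)."""
    in_quote = False
    for i, ch in enumerate(line):
        if ch == '"':
            in_quote = not in_quote
        elif ch == ";" and not in_quote:
            return line[:i]
    return line

def logical_records(text):
    """Join lines held open by '(' into one record; return (records, open depth)."""
    records, current, depth = [], [], 0
    for raw in text.splitlines():
        line = strip_comment(raw)
        depth += line.count("(") - line.count(")")
        current += line.replace("(", " ").replace(")", " ").split()
        if depth == 0 and current:
            records.append(current)
            current = []
    if current:  # end of file reached with a parenthesis still open
        records.append(current)
    return records, depth

def check_soa(text):
    """Return a list of problems with parentheses and the SOA numeric fields."""
    records, depth = logical_records(text)
    problems = []
    if depth != 0:
        problems.append("unbalanced parentheses: depth %d at end of file" % depth)
    for rec in (r for r in records if "SOA" in r):
        timers = rec[rec.index("SOA") + 3:]  # skip SOA, MNAME, RNAME
        count = next((i for i, t in enumerate(timers) if not t.isdigit()), len(timers))
        if count != 5:
            problems.append("SOA has %d of 5 numeric fields" % count)
    return problems

if __name__ == "__main__":
    for problem in check_soa(FAKE_ROOT):
        print(problem)
```

On the posted file it reports an unclosed parenthesis and an SOA with only the serial present, because everything after `119` on that line, including the `)`, is a comment.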


