Werid mx queries to the vatician
Patrick Hulman
patrick.hulman at cox.net
Wed Sep 6 17:58:27 UTC 2006
My mail server are unable to send mail to parts of the holy see. upon
investigation i found the following
# dig mx fabricsp.va
; <<>> DiG 9.2.4 <<>> mx fabricsp.va
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 29921
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;fabricsp.va. IN MX
;; Query time: 133 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Sep 6 13:24:45 2006
;; MSG SIZE rcvd: 2
however if i do a dig +trace i get this
# dig +trace mx fabricsp.va
; <<>> DiG 9.2.4 <<>> +trace mx fabricsp.va
;; global options: printcmd
. 334879 IN NS J.ROOT-SERVERS.NET.
. 334879 IN NS K.ROOT-SERVERS.NET.
. 334879 IN NS L.ROOT-SERVERS.NET.
. 334879 IN NS M.ROOT-SERVERS.NET.
. 334879 IN NS A.ROOT-SERVERS.NET.
. 334879 IN NS B.ROOT-SERVERS.NET.
. 334879 IN NS C.ROOT-SERVERS.NET.
. 334879 IN NS D.ROOT-SERVERS.NET.
. 334879 IN NS E.ROOT-SERVERS.NET.
. 334879 IN NS F.ROOT-SERVERS.NET.
. 334879 IN NS G.ROOT-SERVERS.NET.
. 334879 IN NS H.ROOT-SERVERS.NET.
. 334879 IN NS I.ROOT-SERVERS.NET.
;; Received 276 bytes from 127.0.0.1#53(127.0.0.1) in 0 ms
va. 172800 IN NS DNS.NIC.IT.
va. 172800 IN NS DNS2.IT.NET.
va. 172800 IN NS DXMON.CERN.CH.
va. 172800 IN NS MICHAEL.VATICAN.va.
va. 172800 IN NS NS.RIPE.NET.
va. 172800 IN NS JOHN.VATICAN.va.
va. 172800 IN NS NS.URBE.IT.
va. 172800 IN NS SETH.NAMEX.IT.
va. 172800 IN NS OSIRIS.NAMEX.IT.
;; Received 416 bytes from 192.58.128.30#53(J.ROOT-SERVERS.NET) in 256 ms
fabricsp.va. 86400 IN MX 10 lists.vatican.va.
fabricsp.va. 86400 IN MX 20 paul.vatican.va.
fabricsp.va. 86400 IN MX 50 proxy2.urbe.it.
fabricsp.va. 86400 IN MX 90 john.vatican.va.
va. 86400 IN NS john.vatican.va.
va. 86400 IN NS seth.namex.it.
va. 86400 IN NS osiris.namex.it.
va. 86400 IN NS michael.vatican.va.
va. 86400 IN NS ext-dns-2.cern.ch.
va. 86400 IN NS ns.ripe.net.
va. 86400 IN NS ns.urbe.it.
va. 86400 IN NS dns.nic.it.
va. 86400 IN NS dns2.it.net.
;; Received 510 bytes from 193.205.245.5#53(DNS.NIC.IT) in 155 ms
however if i try to do a dig on vatican.va it works fine
# dig mx vatican.va
; <<>> DiG 9.2.4 <<>> mx vatican.va
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40639
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 5
;; QUESTION SECTION:
;vatican.va. IN MX
;; ANSWER SECTION:
vatican.va. 85762 IN MX 10 lists.vatican.va.
vatican.va. 85762 IN MX 20 paul.vatican.va.
vatican.va. 85762 IN MX 50 proxy2.urbe.it.
;; AUTHORITY SECTION:
vatican.va. 85749 IN NS john.vatican.va.
vatican.va. 85749 IN NS michael.vatican.va.
vatican.va. 85749 IN NS dns2.it.net.
vatican.va. 85749 IN NS dns3.nic.it.
;; ADDITIONAL SECTION:
lists.vatican.va. 85762 IN A 212.77.6.62
paul.vatican.va. 85762 IN A 212.77.0.113
proxy2.urbe.it. 75562 IN A 193.43.128.7
dns2.it.net. 10433 IN A 151.1.2.1
john.vatican.va. 85749 IN A 212.77.0.110
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Sep 6 13:28:37 2006
;; MSG SIZE rcvd: 270
i thought i was being blocked by ip but i'm able to lookup the vatican.va
but not other domain.
does anyone have an idea why i'm getting this result.
patrick
More information about the bind-users
mailing list