SERVFAIL on some queries?
Brad Knowles
brad.knowles at skynet.be
Sat Sep 22 00:09:34 UTC 2001
At 10:40 PM +0000 9/21/01, joe d wrote:
> I'm running bind 9.1.3 on Solaris 8. When I issue queries for some domains
> I get SERVFAIL responses. One such query is dig mx seminoleenergy.com. I
> am not responsible for the seminoleenergy.com zone, I'm just trying to send
> mail there.
Well, they seem to be having some pretty serious problems (this
information from DNS Expert Professional 1.6, see
<http://www.menandmice.com/2000/2100_dns_expert.html>):
DNS Expert
Detailed Report for seminoleenergy.com.
9/22/01, 2:06 AM, using the analysis setting "Everything"
======================================================================
Information
----------------------------------------------------------------------
Serial number: 2000070311
Primary name server: nurenya.inetmax.net.
Primary mail server: mail.inetmax.net.
Number of records: 8 (3 NS, 1 MX, 1 A, 3 CNAME, 0 PTR, 0 Other)
Errors
----------------------------------------------------------------------
o The name server "nurenya.inetmax.net." is not listed in delegation
data
The server "nurenya.inetmax.net." is listed as being
authoritative for the zone according to the zone data, but there
is no NS record for that server in the delegation data.
Delegation data and zone data should always match.
o An MX record for "seminoleenergy.com." refers to
"mail.inetmax.net." which is a CNAME record
An MX record in the zone "seminoleenergy.com." refers to the mail
server "mail.inetmax.net." The record "mail.inetmax.net." is a
CNAME record, not an A record.
o The name server "ns2.inetmax.net." is vulnerable to spoofing attacks
The cache of the server "ns2.inetmax.net." can be poisoned with
false data. This is a threat to the security of your domain.
o The name server "nurenya.inetmax.net." is vulnerable to spoofing
attacks
The cache of the server "nurenya.inetmax.net." can be poisoned
with false data. This is a threat to the security of your domain.
o There is no PTR record for the host "seminoleenergy.com."
There is no PTR record available for the host
"seminoleenergy.com." which has the IP address 216.85.127.224.
Warnings
----------------------------------------------------------------------
o The zone contains more than one authoritative name server with the
same IP address
The name servers "ns1.inetmax.net." and "nurenya.inetmax.net.",
which are authoritative for "seminoleenergy.com.", have the same
IP address (209.12.38.10).
o All name servers for the zone are on the same subnet.
All name servers for the zone are on the same subnet
(209.12.38.*). If the connection to the network breaks, your
domain will become inaccessible.
o There is only one MX record in the zone
The zone contains only one MX record. This will cause mail
delivery problems if the primary mail server becomes unavailable.
For safety purposes, there should be two or more mail servers
for every zone, the extra mail servers being used as backup
(secondary) servers for the primary server.
----------------------------------------------------------------------
end of report
I sincerely doubt that there's anything you can do to fix any of
these problems.
--
Brad Knowles, <brad.knowles at skynet.be>
H4sICIFgXzsCA2RtYS1zaWcAPVHLbsMwDDvXX0H0kkvbfxiwVw8FCmzAzqqj1F4dy7CdBfn7
Kc6wmyGRFEnvvxiWQoCvqI7RSWTcfGXQNqCUAnfIU+AT8OZ/GCNjRVlH0bKpguJkxiITZqes
MxwpSucyDJzXxQEUe/ihgXqJXUXwD9ajB6NHonLmNrUSK9nacHQnH097szO74xFXqtlbT3il
wMsBz5cnfCR5cEmci0Rj9u/jqBbPeES1I4PeFBXPUIT1XDSOuutFXylzrQvGyboWstCoQZyP
dxX4dLx0eauFe1x9puhoi0Ao1omEJo+BZ6XLVNaVpWiKekxN0VK2VMpmAy+Bk7ZV4SO+p1L/
uErNRS/qH2iFU+iNOtbcmVt9N16lfF7tLv9FXNj8AiyNcOi1AQAA
More information about the bind-users
mailing list