relax 'ignoring out-of-zone data' checks?
Simon Waters
Simon at wretched.demon.co.uk
Fri Jul 12 20:42:30 UTC 2002
Ian Marsh wrote:
>
> *. MX 6 mailrelay.hants.gov.uk.
> *.com. MX 6 mailrelay.hants.gov.uk.
> *.uk. MX 7 mailrelay.hants.gov.uk.
> *.gov.uk. MX 7 mailrelay.hants.gov.uk.
> etc...
>
> This has gotten around the problem and has worked find for a number of
> years. Now, however, we want to upgrade the DNS server to the latest
> release of Bind and it is ever so kindly rejecting those wildcards!
These are only "out of zone" if your server doesn't declare
itself a root nameserver.
When you say "internal" I assume this means it can't resolve say
www.microsoft.com as it is firewalled away? You just want to
send mail for Microsoft to the mail relays who have a proper
DNS?
If so in named.conf...
zone "." {
type master;
file "myroot.db";
..... stuff needed...
}
and create a zone file myroot.db for "." and put these records
in it. Cricket covers this in the O'Reilly DNS and BIND, just
your predecessor took a messy shortcut I suspect.
I don't think BIND 9 can relax it's out of zone checks as such,
they have programmed hard to stop that very kind of thing
happening ;)
More information about the bind-users
mailing list