Find all authoritative domains for a nameserver?

Dan Mahoney dmahoney at isc.org
Mon Dec 3 23:52:34 UTC 2012


> Hi all,
> 
> I don't know if there's an easy, or even moderately easy way to do
> this, but can one somehow figure out/get a list of all domains for
> which the nameserver is set to a given IP/server name? For reasons I
> won't get into, the people who register the domains are not the same
> as the people who run the DNS servers (me) and occasionally the
> domains I have zones defined for in my nameservers do not match the
> WHOIS records. Normally, that problem becomes pretty obvious because
> nothing works right, but it does generate a lot of logging for failed
> queries to the nameservers. I guess that would be one way to tell when
> someone has made us authoritative for a domain but not had us create a
> zone file, but is there a way to get a list somehow?

Back in the old netsol days, a name server admin could get a list of domains for which he was responsible by request.  There's also a feature in very very old versions of BIND called Inverse DNS, implemented against an optional part of one of the DNS specs, that comes close to this.  Nowadays, Verisign and a few others WILL let you download the COM zone via FTP once a day, with special signed agreements (mainly for research purposes, not to solve your problem).

Your best answer comes in either your logs (with some simple grep and Perl to do the dig +trace, could make a nice useful report), or some other tool like tcpdump, or in a passive DNS provider, but the reality is, all these methods require someone to be querying it.  Thankfully, spambots seem to do this quite a lot, and manage to find "new" domains at an alarming pace.

-Dan Mahoney
ISC
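
The log-based report suggested in the reply above, as an added example that is not part of the original post: it collects names that clients asked this server for and were refused, leaving a short list to check with dig +trace. The log line shape (BIND's "query (cache) '...' denied" message), the function names and the sample lines are assumptions made for this sketch.

```python
import re
from collections import defaultdict

# Assumed log shape: BIND's "query (cache) '<name>/<type>/<class>' denied"
# message, written when a client asks for a name this server will not answer.
DENIED = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+.*?"
    r"query \(cache\) '(?P<qname>[^/']+)/[A-Z0-9]+/IN' denied"
)

def covered(qname, served_zones):
    """True if qname equals or falls under a zone this server already serves."""
    labels = qname.split(".")
    return any(".".join(labels[i:]) in served_zones for i in range(len(labels)))

def candidates(log_lines, served_zones, min_hits=2):
    """Return [(qname, hits, distinct_clients)] for refused names, busiest first."""
    hits = defaultdict(int)
    clients = defaultdict(set)
    for line in log_lines:
        m = DENIED.search(line)
        if not m:
            continue  # not a refused-query line
        qname = m.group("qname").rstrip(".").lower()
        if not qname or covered(qname, served_zones):
            continue  # root query, or a zone we do have (ACL refusal)
        hits[qname] += 1
        clients[qname].add(m.group("ip"))
    rows = [(n, c, len(clients[n])) for n, c in hits.items() if c >= min_hits]
    return sorted(rows, key=lambda r: (-r[1], r[0]))

# Constructed sample lines (documentation addresses and example names only).
SAMPLE_LOG = """\
03-Dec-2012 23:10:01.101 security: info: client 192.0.2.10#53001: query (cache) 'www.example.net/A/IN' denied
03-Dec-2012 23:10:02.220 security: info: client 198.51.100.7#40212: query (cache) 'www.example.net/A/IN' denied
03-Dec-2012 23:10:03.004 security: info: client 192.0.2.10#53002: query (cache) 'example.net/MX/IN' denied
03-Dec-2012 23:10:04.519 security: info: client 203.0.113.5#33333: query (cache) 'mail.example.org/A/IN' denied
03-Dec-2012 23:10:05.730 security: info: client 2001:db8::1#5353: query (cache) 'WWW.Example.NET/AAAA/IN' denied
03-Dec-2012 23:10:06.112 security: info: client 203.0.113.5#33334: query (cache) './NS/IN' denied
03-Dec-2012 23:10:07.900 queries: info: client 192.0.2.10#53003: query: example.org IN A +
"""

if __name__ == "__main__":
    for name, count, srcs in candidates(SAMPLE_LOG.splitlines(), {"example.org"}):
        print(f"{name}\t{count} refused queries from {srcs} clients")
```

Names that keep appearing from many distinct clients are the ones worth tracing from the root to see whether the parent zone delegates them to this server.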

