no _smtp_tls in published zone

Mark Andrews marka at isc.org
Wed Jun 2 05:41:44 UTC 2021 


> On 2 Jun 2021, at 14:59, Brett Delmage <Brett at BrettDelmage.ca> wrote:
> 
> I have added the following two records
> _mta-sts.BrettDelmage.ca.                     180 IN TXT        "v=STSv1; id=2021060102;"
> _smtp._tls.BrettDelmage.ca.                   180 IN TXT        "TLSRPTv1; rua=mailto:brett at brettdelmage.ca"
> to a signed zone to enable Mail Transfer Agent Strict Transport Security.
> 
> When I run
> 
> /var/lib/bind/master# named-compilezone -k warn -o - BrettDelmage.ca BrettDelmage.ca
> 
> I get the expected error for the leading _, but only for _mta_sts.

Underscore is not an issue for TXT records.  The check-names report is for mta_sts.BrettDelmage.ca not _mta_sts.BrettDelmage.ca.

> BrettDelmage.ca:21: mta_sts.BrettDelmage.ca: bad owner name (check-names)
> zone BrettDelmage.ca/IN: loaded serial 2021060110
> BrettDelmage.ca.                              180 IN SOA        cacloud.brettdelmage.ca. hostmaster.BrettDelmage.ca. 2021060110 180 300 1814400 3600
> ...
> _mta-sts.BrettDelmage.ca.                     180 IN TXT        "v=STSv1; id=2021060102;"
> _smtp._tls.BrettDelmage.ca.                   180 IN TXT        "TLSRPTv1; rua=mailto:brett at brettdelmage.ca"
> ...
> OK
> 
> When I load the zone I can fetch _mta-sts.BrettDelmage.ca
> dig @127.0.0.1 _mta-sts.brettdelmage.ca txt +short
> "v=STSv1; id=2021060102;"
> 
> but not _smtp._tls.BrettDelmage.ca.:
> 
> dig @127.0.0.1 _smtp._tls.brettdelmage.ca txt
> 
> ; <<>> DiG 9.16.16-Ubuntu <<>> @127.0.0.1 _smtp._tls.brettdelmage.ca txt
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 37893
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ; COOKIE: a70534bd6a80a8c70100000060b70dbd54a4db11f1a5b7d1 (good)
> ;; QUESTION SECTION:
> ;_smtp._tls.brettdelmage.ca.    IN      TXT
> 
> ;; AUTHORITY SECTION:
> BrettDelmage.ca.        180     IN      SOA     cacloud.brettdelmage.ca. hostmaster.BrettDelmage.ca. 2021060110 180 300 1814400 3600
> 
> -----
> named -v
> BIND 9.16.16-Ubuntu (Stable Release) <id:0c314d8>
> 
> What am I doing wrong here?

Not looking at the nameserver’s logs when the zone is loaded.  If it has failed to load for any reason that will be reported.

> Thanks!
> 
> Brett
> 
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
> 
> ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
> 
> 
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org

More information about the bind-users mailing list