FORMERR responses after upgrading resolver from 9.16 to 9.18.8

[Andreas S. Kerber]

Am Fri, Oct 21, 2022 at 01:21:36PM +0200 schrieb Borja Marcos:
> But tell your customer that their email message didn’t arrive on time because the recipient has a misconfigured DNS server and
> try to explain to them that, yes, Google resolved it successfully but you are working for the common good.

+1

While it's possible to enter those bad apples with a server{} statement in named.conf, this reactive approach is not always feasible. In our cases this week some mail bounced, since our MTAs could not resolve some domainnames and customers obviously don't like that, which triggered some support cases etc.

After further analysis of our logs the problem probably really is not all that big, just very few names where not resolvable. Nonetheless, we've decided to leave one of resolvers at 9.16 for now as a "last resort" for those faulty names, and the other resolvers continue to run fine with 9.18.

If I can find a few definite way to easily identify these bad apples from our resolver logs, I might notify the operators. I guess https://ednscomp.isc.org/ already has a way more comprehensive view on the issue and therefore better data for such notifications though ;-)