nanog mailing list archives

Re: what happens when you put a typo in a DNSBL server?


From: "Chris L. Morrow" <christopher.morrow () verizonbusiness com>
Date: Tue, 16 Jan 2007 18:32:07 +0000 (GMT)




On Tue, 16 Jan 2007, Wes Hardaker wrote:



> A number of ISPs use njabl.org as a DNS BL server.  However, starting
> Jan 2 a new domain exists, "njalb.org", which is serving A records for
> anything queried against its DNS server.  (Note the difference: njaBL
> vs njaLB.) Previous to this date a misconfigured ISP was just not
> being protected by the BL.  Now, it's potentially dropping all mail
> from anyone because of the typo.
>
> # dig +short mail.merit.edu a
> 198.108.1.11
>
> # dig +short 11.1.108.198.combined.njabl.org
>
> # dig +short 11.1.108.198.combined.njalb.org
> 64.20.43.107
> 66.45.232.66
> 66.45.232.75
> 66.45.237.187

Right, these are those pesky njiix.net 'dns servers' that send the same 4
A's for any request. I suspect their zone config is:

*       IN      A       64.20.43.107
        IN      A       66.45.232.66
        IN      A       66.45.232.75
        IN      A       66.45.237.187

in the root.zone file :(
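
A mail operator can catch this failure before it drops mail by checking each configured DNSBL zone against the RFC 5782 test entries (127.0.0.2 must be listed, 127.0.0.1 must not) and by flagging answers outside 127.0.0.0/8. The following is an added example, not part of the original thread; the `.example` zone names and the three stand-in resolvers are constructed, and the default resolver assumes the system stub resolver is what the mail server uses.

```python
import ipaddress
import socket

LOOPBACK = ipaddress.ip_network("127.0.0.0/8")

def reverse_octets(ip):
    """198.108.1.11 -> 11.1.108.198, the query form DNSBLs use."""
    return ".".join(reversed(ip.split(".")))

def system_resolver(name):
    """Return the A records for name, or [] when nothing resolves."""
    try:
        return socket.gethostbyname_ex(name)[2]
    except (socket.gaierror, socket.herror):
        return []

def check_dnsbl_zone(zone, resolve=system_resolver):
    """Return a list of problems found with a configured DNSBL zone."""
    problems = []
    # RFC 5782 test points: 127.0.0.2 is always listed, 127.0.0.1 never is.
    listed = resolve(f"{reverse_octets('127.0.0.2')}.{zone}")
    unlisted = resolve(f"{reverse_octets('127.0.0.1')}.{zone}")
    if not listed:
        problems.append("test entry 127.0.0.2 is not listed")
    if unlisted:
        problems.append("127.0.0.1 is listed (zone answers every query?)")
    for addr in sorted(set(listed + unlisted)):
        if ipaddress.ip_address(addr) not in LOOPBACK:
            problems.append(f"answer {addr} is outside 127.0.0.0/8")
    return problems

# Constructed stand-in resolvers so the check runs without network access.
def healthy(name):   # lists only the RFC 5782 test entry
    return ["127.0.0.2"] if name.startswith("2.0.0.127.") else []

def wildcard(name):  # same four A records for any name, as in the dig output
    return ["64.20.43.107", "66.45.232.66", "66.45.232.75", "66.45.237.187"]

def dead(name):      # mistyped zone that does not resolve at all
    return []

if __name__ == "__main__":
    for label, fake in (("healthy", healthy), ("wildcard", wildcard), ("dead", dead)):
        print(label, check_dnsbl_zone("dnsbl.example", resolve=fake))
```

Run against the real configuration by calling `check_dnsbl_zone()` with each zone name from the mail server's config and alerting on a non-empty result.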

