On Fri, Feb 01, 2002 at 03:47:21PM -0600, Brian McGroarty wrote: > > admin singular -- robotattack.com is my home machine. > > RFC 1033 defines a machine name as an absolute address (A) or a > pointer (CNAME), and later states that an ns record contains a machine > name, which would seem to make either an A or a CNAME valid. > > I'd appreciate it if you'd direct me to the newer material that > supersedes the information in RFC 1033, Noah. I'll be searching myself > as well. I don't wish to remain ignorant, of course. > > In the mean time, I've changed the configuration to use the machine's > A name. Hopefully this will prevent Adam or others from seeing the > warning again.
I'm beginning to doubt that your DNS setup had anything to do with this. Now I have: Active System Attack Alerts =-=-=-=-=-=-=-=-=-=-=-=-=-= Feb 1 16:02:25 polaris named[201]: "robotattack.com IN NS" points to a CNAME (cluster.robotattack.com) Feb 1 16:02:25 polaris sm-mta[11059]: g11M29Ne011059: from=<[EMAIL PROTECTED]>, size=1178, class=0, nrcpts=1, +msgid=<[EMAIL PROTECTED]>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1] Feb 1 16:02:25 polaris named[201]: "robotattack.com IN NS" points to a CNAME (cluster.robotattack.com) If it was just the DNS I would not be getting the MTA thing just because I got your email.. I'm going to file a normal bug against logcheck as attack that is part of a domain name should not be reported as it is right now. I guess the problem is that you have a domain with attack in it! Logcheck gets scared and freak out. - Adam
