Re: RPZ Errors

2013-11-11 Thread Phil Mayers
On 08/11/13 23:52, Crist Clark wrote: I've just set up an RPZ using a third party feed. I am getting lots and lots of "info" and "warning" messages in the logs. However, I am not sure whether they actually are indicative of a problem I that may be impacting operations or just a "nice to know" abo

dns not resolving

2013-11-11 Thread S. Jeff Cold
I have two DNS servers both running Debian Linux 7.2.0, BIND 9.8.4 in a private LAN. I set up an unregistered domain to see how things would run. When I run dig on the domain just to see if it will resolve, I get this error: ; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> jeffdiss.org ;; global options

DNS format error

2013-11-11 Thread Jim Pazarena
I see in my logs "DNS format error from 205.178.190.53#53 resolving excelwetsuits.com/MX for client 207.34.147.83#54521: invalid response" The client is *my* mail server IP. I am wondering is this error on MY side or their's ? It doesn't sound like it. If it's on their end.. how far should someo

Re: dns not resolving

2013-11-11 Thread Alan Clegg
On Nov 11, 2013, at 12:11 PM, S. Jeff Cold wrote: > I have two DNS servers both running Debian Linux 7.2.0, BIND 9.8.4 in a > private LAN. I set up an unregistered domain to see how things would run. > When I run dig on the domain just to see if it will resolve, I get this error: [ SERVFAIL

Re: DNS format error

2013-11-11 Thread Tony Finch
Jim Pazarena wrote: > I see in my logs "DNS format error from 205.178.190.53#53 resolving > excelwetsuits.com/MX for client 207.34.147.83#54521: invalid response" > The client is *my* mail server IP. > > I am wondering is this error on MY side or their's ? Theirs. ; <<>> DiG 9.9.4rc1 <<>> ns ex

Re: dns not resolving

2013-11-11 Thread Mark Andrews
If you have "check-mx fail;" in named.conf then the zone will not load and you will get SERVFAIL. The default is "check-mx warn;". 12-Nov-2013 07:40:07.546 zone jeffdiss.org/IN: jeffdiss.org/MX 'mail.jeffdiss.org' has no address records (A or ) 12-Nov-2013 07:40:07.546 zone jeffdiss.org/IN:

Re: RPZ Errors

2013-11-11 Thread Crist Clark
>From the initial mail: "This is BIND 9.9.2 (Infoblox 6.7.3)." No huge increase in resource usage noted. On Mon, Nov 11, 2013 at 1:47 AM, Phil Mayers wrote: > On 08/11/13 23:52, Crist Clark wrote: > >> I've just set up an RPZ using a third party feed. I am getting lots and >> lots of "info" and