Stopping name server abuse

Hi, We had a former customer who parked about 300 domains with his registry on our server but is no longer a customer and hasn't moved his domains. There aren't any hosts behind the domains. Is there anything more I can do to block/prevent them from continually querying my system outside of just r

Re: Stopping name server abuse

Unfortunately I don’t think that there is, other than the nuclear option of becoming authoritative and pointing them elsewhere. That would be a jackass move though. W On Sun, Jun 24, 2018 at 3:30 PM Alex wrote: > Hi, > We had a former customer who parked about 300 domains with his > registry o

Re: Stopping name server abuse

hi, why dont you just delete the zones? j. Am 24.06.2018 um 22:35 schrieb Warren Kumari: Unfortunately I don’t think that there is, other than the nuclear option of becoming authoritative and pointing them elsewhere. That would be a jackass move though. W On Sun, Jun 24, 2018 at 3:30 PM Alex

Re: Stopping name server abuse

In article , jo...@hasig.de wrote: > hi, > why dont you just delete the zones? That won't stop the queries from coming to the server. -- Barry Margolin Arlington, MA ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe f

Re: Stopping name server abuse

yes, but it minimizes the use of resources because the only answer is nxdomain. j. Am 24.06.2018 um 23:41 schrieb Barry Margolin: In article , jo...@hasig.de wrote: hi, why dont you just delete the zones? That won't stop the queries from coming to the server.

Re: Stopping name server abuse

I disagree. Put up classy default page that is smart but funny while pointing out that owners of the domains are morons. So many options here! John Sent from Nine From: Warren Kumari Sent: Jun 24, 2018 3:36 PM To: Alex Cc: bind-users@

Re: Stopping name server abuse

On Sun, Jun 24, 2018 at 04:30:08PM -0400, Alex wrote: > Hi, > We had a former customer who parked about 300 domains with his > registry on our server but is no longer a customer and hasn't moved > his domains. There aren't any hosts behind the domains. > > Is there anything more I can do to block/

Re: Stopping name server abuse

You should just be able to ask the registries to remove the delegations in a sane world as per RFC 1033. COMPLAINTS These are the suggested steps you should take if you are having problems that you believe are caused by someone else's name server: 1. Complain privately to the responsi

Re: Stopping name server abuse

Sorry for the noise ___ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users

Re: Stopping name server abuse

You could ask the registrar/root domain admins to point those domains somewhere other than your server; or just delete them from the root servers at their perogative.  You might want to give your ex-customer a final warning beforehand as to your intent.  It might spur them into actionand maybe

Re: Stopping name server abuse

On 25/06/2018 10:09, ma...@isc.org wrote: > Sorry for the noise What noise? Your post is to the point and appropriate, lots of members of this list may be in this situation and ignore it because they have NFI on what to do, so you've helped them. Though personally I have done a few times what

Re: Stopping name server abuse

Is it possible to get BIND not to respond at all, thereby causing a timeout on the query? That would perhaps reduce load more than NXDOMAIN or deleting the sone(s) would. On Mon, 25 Jun 2018 00:03:09 +0200 jo...@hasig.de wrote: > yes, but it minimizes the use of resources because the only answer

RE: Stopping name server abuse

If the incoming query has already been parsed and it BIND instance now knows it doesn't need to respond, it's already done all the work, so there's no point not sending the response. To introduce something before the BIND instance in userspace, then for every legitimate query you are double-proc