Re: [Exim] Exim4: helo_verify/host_lookup reverse lookups

Author: John Horne
Date:  
To: Exim Users Mailing List
Subject: Re: [Exim] Exim4: helo_verify/host_lookup reverse lookups
On Wednesday 03 Apr 2002 19:51, Greg A. Woods wrote:
> As to why this particular example isn't following
>
>     $ host -t txt -c ch version.bind dns1.plymouth.ac.uk
>     version.bind            TXT     "Unknown"
>      !!! version.bind TXT record has zero ttl

>
> That's suspiciously looking like a hacked version of BIND-4 or BIND-8,
> or maybe it's a recent BIND-9 with a customised version configured into
> it -- but IIRC the only versions that scrambled PTR records were very
> early ones..... (I've not tested BIND-9 in this regard -- I'll have to
> get it running on my test server again....)
>

It's BIND 9.2.0 - I look after the mailhubs and the DNS. The version.bind
record is built into BIND at this version. All I have done is provide the
text 'Unknown'. ISC gave it the 0 TTL.

> The other two seem to be working OK, at least for the series of queries
> I tried against them. They both always return 'mail.plymouth.ac.uk' first.
> They either are not running BIND, or are running a version hacked to
> ignore version queries, or are running BIND-9 and are filtering queries:
>

Our name servers are running 9.2.0, but the mailhubs themselves only run
caching name servers with no access to non-Uni sites.

>     $ host -t txt -c ch version.bind dns1.cs.strath.ac.uk
>     Nameserver dns1.cs.strath.ac.uk not responding
>     version.bind TXT record in class CH not found, try again

>

For these secondary sites I get:

host -t txt -c ch version.bind dns1.cs.strath.ac.uk
Using domain server:
Name: dns1.cs.strath.ac.uk
Address: 130.159.196.126#53
Aliases:

VERSION.BIND text "8.2.3-REL"

>     $ host -t txt -c ch version.bind dns2.cs.strath.ac.uk
>     Nameserver dns2.cs.strath.ac.uk not responding
>     version.bind TXT record in class CH not found, try again

>

host -t txt -c ch version.bind dns2.cs.strath.ac.uk
Using domain server:
Name: dns2.cs.strath.ac.uk
Address: 130.159.196.125#53
Aliases:

VERSION.BIND text "8.2.3-REL"

>      3  b) Optionally reject if there are no valid PTR RR(s)
>           returned.

>
>     For generic e-mail purposes 3.b is probably still too strict to use
>     by default, though I know several people (not me!) who are enforcing
>     it now, and they claim relative success (they are not ISPs though).

>

Our mailhubs (Exim 3.35) are more liberal than our other servers which are
now running Exim 4.02. On those we are strict, and I have included (today in
fact!) a check that a PTR record is present. However, no-one should really be
emailing the server(s), so they can hardly complain :-)


Many thanks for the reply, and all the info :-)

John.

--
John Horne, University of Plymouth, UK            Tel: +44 (0)1752 233914
E-mail: jhorne@???
PGP key available from public key servers