To:
DNSOP WG <dnsop@cafax.se>
From:
Markus Stumpf <maex-lists-dns-ietf-dnsop@Space.Net>
Date:
Tue, 10 Dec 2002 12:31:36 +0100
Content-Disposition:
inline
Sender:
owner-dnsop@cafax.se
User-Agent:
Mutt/1.2.5.1i
Subject:
DNS abuse handling/complaining strategies
Sorry if this is not fully on topic, but I couldn't find any documents or a IMHO better place to ask. We have the problem that your nameservers sometimes get flooded by queries a) misconfigured DNS delgations b) through broken resolver libraries Currently this happens through 0.138.20.68.in-addr.arpa. 2H IN NS ns3.dns.space.net. 0.138.20.68.in-addr.arpa. 2H IN NS ns1.ameritech.net. 0.138.20.68.in-addr.arpa. 2H IN NS ns2.ameritech.net. 0.138.20.68.in-addr.arpa. 2H IN NS ns.space.net. I don't know why Ameritech thinks two of our DNS server should be AUTH for that netblock. I have mailed the usual places (SOA contact, abuse@ameritech.net) more than one time within the last 14 days but all I got back were robot answers. We see a few thousands of queries per day. As the queries come from all over the world we cannot simply block/filter them. What would be the best strategy to get the problem fixed, i.e. misconfigured delegation and non-responsive contacts? - Add the zone and setup PTRs like we.are.clueless.ignorants.<isp-domain> - Write the RIR (i.e. ARIN) and ask them to remove the delegation for 20.68.in-addr.arpa? Would/should the RIR take (such) actions? What are others doing? Thanks, \Maex P.S. Ameritech is not the only one causing this kinda problems. But the others usually react if one gets obtrusive enough. -- SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0 Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299 "The security, stability and reliability of a computer system is reciprocally proportional to the amount of vacuity between the ears of the admin" #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.