At 18:04 02-06-2009, SURBL Role wrote:
The 202.106 servers seem to be giving the right results now:
These servers are still giving the wrong results.
You may wish to test for flickr.com.multi.surbl.org too.
Regards, -sm
On 6/2/09, SM sm@resistor.net wrote:
At 18:04 02-06-2009, SURBL Role wrote:
The 202.106 servers seem to be giving the right results now:
These servers are still giving the wrong results.
You may wish to test for flickr.com.multi.surbl.org too.
Regards,
-sm
Thanks. It looks like it depends on what's queried.
This December 2007 paper "The Great DNS Wall of China" suggests that Chinese ISPs are (being forced to) distort DNS results for domains that contain certain strings:
http://cs.nyu.edu/~pcw216/work/nds/final.pdf.
So it seems flickr.com and twitter.com are being censored via DNS responses.
I made a script to check some domains and testpoints on all nameservers. Here's the current output:
__
ERROR: 'host twitter.com.multi.surbl.org k5.surbl.org' should have returned NXDOMAIN but gave:
Using domain server: Name: k5.surbl.org Address: 123.125.50.246#53 Aliases:
twitter.com.multi.surbl.org has address 209.145.54.50 ;; Warning: Message parser reports malformed message packet. ;; Got bad packet: bad label type 88 bytes 21 64 85 80 00 01 00 01 00 00 00 00 07 74 77 69 74 74 65 72 03 63 6f 6d 05 6d 75 6c 74 69 05 73 75 72 62 6c 03 6f 72 67 00 00 0f 00 01 07 74 77 69 74 74 65 72 03 63 6f 6d 05 6d 75 6c 74 69 05 73 75 72 62 6c 03 6f 72 67 00 00 0f 00 01 00 01 51 80 00 04 04 24 42 b2
ERROR: 'host flickr.com.multi.surbl.org k5.surbl.org' should have returned NXDOMAIN but gave:
Using domain server: Name: k5.surbl.org Address: 123.125.50.246#53 Aliases:
flickr.com.multi.surbl.org has address 203.161.230.171 ;; Warning: Message parser reports malformed message packet. flickr.com.multi.surbl.org has address 202.106.1.2
__
I also got intermittent errors for the 202.106 nameservers so we're undelegating all three and contacting the nameserver operators.
Sigh, :(
Jeff C.
On 6/2/09, Jeff Chan jeffc@surbl.org wrote:
This December 2007 paper "The Great DNS Wall of China" suggests that Chinese ISPs are (being forced to) distort DNS results for domains that contain certain strings:
BTW I found this paper because it references one of the false IPs returned:
4.36.66.178