[SURBL-Discuss] Heads-up: m.surbl.org
Steve Freegard
steve.freegard at fsl.com
Thu Mar 14 16:46:05 CET 2013
Jeff,
After I hit send on the last message - I suddenly realised what you
meant by m4.surbl.org:
[root at mx1 ~]# host m.surbl.org
m.surbl.org has address 64.73.0.23
m.surbl.org has address 64.73.128.55
m.surbl.org has address 188.40.23.68
m.surbl.org has address 216.143.70.135
m4 being the 4th host 216.143.70.135 and I can see it's no longer being
sent:
[root at mx1 ~]# host m.surbl.org ns100.surbl.org
Using domain server:
Name: ns100.surbl.org
Address: 94.228.131.210#53
Aliases:
m.surbl.org has address 188.40.23.68
m.surbl.org has address 64.73.0.23
m.surbl.org has address 64.73.128.55
But it's still in my cache due to the 1 day TTL on the record, so I've
had to restart the cache to prevent the false positives.
Sorry for the noise.
Cheers,
Steve.
On 14/03/13 15:39, Steve Freegard wrote:
> Hi Jeff,
>
> On 14/03/13 12:36, Jeff Chan wrote:
>>
>> Thanks much Steve,
>> I can duplicate the results, but it's actually for m4.surbl.org and
>> related nameservers. We've undelegated those until they can be fixed.
>>
>>
>
> Just got another report of this:
>
> [root at mx1 ~]# host -a msft.net.multi.surbl.org m.surbl.org.
> Trying "msft.net.multi.surbl.org"
> Using domain server:
> Name: m.surbl.org.
> Address: 216.143.70.135#53
> Aliases:
>
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31832
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;msft.net.multi.surbl.org. IN ANY
>
> ;; ANSWER SECTION:
> msft.net.multi.surbl.org. 180 IN A 127.0.0.4
> msft.net.multi.surbl.org. 180 IN TXT "on lists [jp], See:
> http:// http:// http:// http:// http:// http:// http:// http://
> http:// http:// http:// http:// http:// http:// http:// http://
> http:// http:// http:// http:// http:// http:// http:// http://
> http:// http:// http:// http:// http://www"
>
> Received 325 bytes from 216.143.70.135#53 in 46 ms
>
> I'm still seeing m.surbl.org in the NS list - I also note that the TTL
> means that it would take 24 hours for a change to be reflected anyway:
>
> [root at mx1 ~]# dig +trace multi.surbl.org
>
> ; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> +trace
> multi.surbl.org
> ;; global options: printcmd
> . 6936 IN NS b.root-servers.net.
> . 6936 IN NS c.root-servers.net.
> . 6936 IN NS d.root-servers.net.
> . 6936 IN NS e.root-servers.net.
> . 6936 IN NS f.root-servers.net.
> . 6936 IN NS g.root-servers.net.
> . 6936 IN NS h.root-servers.net.
> . 6936 IN NS i.root-servers.net.
> . 6936 IN NS j.root-servers.net.
> . 6936 IN NS k.root-servers.net.
> . 6936 IN NS l.root-servers.net.
> . 6936 IN NS m.root-servers.net.
> . 6936 IN NS a.root-servers.net.
> ;; Received 332 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms
>
> org. 172800 IN NS b2.org.afilias-nst.org.
> org. 172800 IN NS d0.org.afilias-nst.org.
> org. 172800 IN NS b0.org.afilias-nst.org.
> org. 172800 IN NS a0.org.afilias-nst.info.
> org. 172800 IN NS a2.org.afilias-nst.info.
> org. 172800 IN NS c0.org.afilias-nst.info.
> ;; Received 435 bytes from 192.228.79.201#53(b.root-servers.net) in 43 ms
>
> surbl.org. 86400 IN NS ns100.surbl.org.
> surbl.org. 86400 IN NS ns101.surbl.org.
> surbl.org. 86400 IN NS ns200.surbl.org.
> surbl.org. 86400 IN NS ns201.surbl.org.
> surbl.org. 86400 IN NS ns300.surbl.org.
> surbl.org. 86400 IN NS ns301.surbl.org.
> surbl.org. 86400 IN NS ns302.surbl.org.
> ;; Received 341 bytes from 199.249.120.1#53(b2.org.afilias-nst.org) in
> 23 ms
>
> multi.surbl.org. 86400 IN NS l.surbl.org.
> multi.surbl.org. 86400 IN NS h.surbl.org.
> multi.surbl.org. 86400 IN NS b.surbl.org.
> multi.surbl.org. 86400 IN NS c.surbl.org.
> multi.surbl.org. 86400 IN NS k.surbl.org.
> multi.surbl.org. 86400 IN NS f.surbl.org.
> multi.surbl.org. 86400 IN NS a.surbl.org.
> multi.surbl.org. 86400 IN NS i.surbl.org.
> multi.surbl.org. 86400 IN NS n.surbl.org.
> multi.surbl.org. 86400 IN NS g.surbl.org.
> multi.surbl.org. 86400 IN NS m.surbl.org.
> multi.surbl.org. 86400 IN NS j.surbl.org.
> multi.surbl.org. 86400 IN NS e.surbl.org.
> multi.surbl.org. 86400 IN NS d.surbl.org.
> ;; Received 481 bytes from 94.228.131.210#53(ns100.surbl.org) in 123 ms
>
> multi.surbl.org. 180 IN SOA dev.null. zone.surbl.org.
> 1363274558 180 180 604800 180
> ;; Received 82 bytes from 211.29.132.122#53(l.surbl.org) in 190 ms
>
> I also notice the zone serial is different across some of the mirrors
> (not sure if this is normal or not):
>
> [root at mx1 ~]# for i in `echo a b c d e f g h i j k l m n`; do echo
> -en "$i.surbl.org: "; host -t SOA multi.surbl.org $i.surbl.org | tail
> -n1; done
> a.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275315 180 180 604800 180
> b.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275171 180 180 604800 180
> c.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275139 180 180 604800 180
> d.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275315 180 180 604800 180
> e.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275315 180 180 604800 180
> f.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275139 180 180 604800 180
> g.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275171 180 180 604800 180
> h.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275171 180 180 604800 180
> i.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275171 180 180 604800 180
> j.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275139 180 180 604800 180
> k.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275105 180 180 604800 180
> l.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275139 180 180 604800 180
> m.surbl.org: Host multi.surbl.org not found: 5(REFUSED)
> n.surbl.org: multi.surbl.org has SOA record dev.null. zone.surbl.org.
> 1363275171 180 180 604800 180
>
> Cheers,
> Steve.
More information about the Discuss
mailing list