From mauricio.camayo at gmail.com Mon Dec 1 16:28:15 2008 From: mauricio.camayo at gmail.com (Mauricio Camayo) Date: Mon, 1 Dec 2008 16:28:15 -0500 Subject: Help on windows Message-ID: Hi list I'm currently trying to make some minor changes on MaraDNS for windows, so I can use it for something specific I need. Problem is don't know how to compile it on win32. Shall I use cygwin or dev-c++? Anyone have a tutorial on this? From leolistas at solutti.com.br Thu Dec 11 08:56:07 2008 From: leolistas at solutti.com.br (=?ISO-8859-1?Q?Leonardo_Rodrigues_Magalh=E3es?=) Date: Thu, 11 Dec 2008 11:56:07 -0200 Subject: problem with recursive configuration and CNAMEs Message-ID: <49411BF7.20703@solutti.com.br> Hi, i got maradns running as a simple recursive server, but i'm having some problems resolving CNAME records. maradns has no authoritative zone, it's only resolving the network requests recursively. i have tried enabled error logging (verbose_level=2) and also raising timeout (timeout_seconds=6) but i keep having problems resolving CNAME records. as i couldnt get any useful logs from maradns, the only thing i can see are my squid logs, which points nameserver resolutions failures: 2008/12/11 11:44:35| ipcacheParse: No Address records in response to 'id.google.com.br' 2008/12/11 11:44:35| ipcacheParse: No Address records in response to 'id.google.com.br' 2008/12/11 11:44:41| ipcacheParse: No Address records in response to 'br.busca.yahoo.com' 2008/12/11 11:44:41| ipcacheParse: No Address records in response to 'br.busca.yahoo.com' 2008/12/11 11:45:14| ipcacheParse: No Address records in response to 'liveupdate.symantecliveupdate.com' 2008/12/11 11:45:14| ipcacheParse: No Address records in response to 'liveupdate.symantecliveupdate.com' 2008/12/11 11:45:20| ipcacheParse: No Address records in response to 'clients1.google.com' 2008/12/11 11:45:20| ipcacheParse: No Address records in response to 'clients1.google.com' 2008/12/11 11:46:27| ipcacheParse: No Address records in response to 'crl.verisign.com' 2008/12/11 11:46:27| ipcacheParse: No Address records in response to 'crl.verisign.com' i have absolutely NO problems resolving names which are A records. The problem seems to be only with CNAME records. sometimes those CNAME records are correctly resolved, but other times they fail to resolve. A records, as stated, ALWAYS resolves fine. i'm running latest maradns stable: 1.3.07.09 my /etc/mararc is: root at sede:/etc# cat mararc hide_disclaimer="YES" chroot_dir="/etc/maradns" no_fingerprint = 0 bind_address="0.0.0.0" maradns_uid=65534 maxprocs=10 random_seed_file="/dev/urandom" max_mem=4194304 maximum_cache_elements=8192 recursive_acl="192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 127.0.0.0/8" timeout_seconds=6 verbose_level=2 root_servers={} root_servers["."] = "198.41.0.4, 192.228.79.201, 192.33.4.12, 128.8.10.90," root_servers["."] += "192.203.230.10, 192.5.5.241, 192.112.36.4, 128.63.2.53," root_servers["."] += "192.36.148.17, 192.58.128.30, 193.0.14.129, 199.7.83.42," root_servers["."] += "202.12.27.33" root at sede:/etc# -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it From Jon.J.Flechsenhaar at boeing.com Thu Dec 11 14:14:28 2008 From: Jon.J.Flechsenhaar at boeing.com (Flechsenhaar, Jon J) Date: Thu, 11 Dec 2008 11:14:28 -0800 Subject: Negative caching with maradns Message-ID: <0E24ED2A7F9AA349A8633E6A56A64BE0050AC3F4@XCH-SW-2V1.sw.nos.boeing.com> I am wondering if there is a way to compile or configure maradns to NOT cache NX records or negative cache records? I only want maradns to cache responses that have a actual answer. Thanks. Jon Flechsenhaar Boeing WNW Team Network Services Layer (714)-372-5172 B11-F2-2B60 From strenholme.usenet at gmail.com Thu Dec 11 14:50:06 2008 From: strenholme.usenet at gmail.com (Sam Trenholme) Date: Thu, 11 Dec 2008 13:50:06 -0600 Subject: Negative caching with maradns In-Reply-To: <0E24ED2A7F9AA349A8633E6A56A64BE0050AC3F4@XCH-SW-2V1.sw.nos.boeing.com> References: <0E24ED2A7F9AA349A8633E6A56A64BE0050AC3F4@XCH-SW-2V1.sw.nos.boeing.com> Message-ID: <7bd685720812111150x7e9cc56fsca74d5b06afca88e@mail.gmail.com> It would have to be done with UTSL: Use the source Luke. The patch would only be a couple of lines in size. I will not make this change with MaraDNS' caching code since that branch of MaraDNS is frozen; however I'm opening to aadding a feature like this to Deadwood (the next-generation recursive resolver for MaraDNS that is only a non-recursive resolver right now) - Sam Note: If you send me a MaraDNS-related support question, I reserve the right to post your support email to the Mara-DNS mailing list so that the community at large can examine your issue. MaraDNS security vulnerability reports, however, will be kept confidential. 2008/12/11 Flechsenhaar, Jon J : > I am wondering if there is a way to compile or configure maradns to NOT > cache NX records or negative cache records? I only want maradns to > cache responses that have a actual answer. > > Thanks. > > Jon Flechsenhaar > Boeing WNW Team > Network Services Layer > (714)-372-5172 > B11-F2-2B60 > > > From Jon.J.Flechsenhaar at boeing.com Fri Dec 12 17:10:47 2008 From: Jon.J.Flechsenhaar at boeing.com (Flechsenhaar, Jon J) Date: Fri, 12 Dec 2008 14:10:47 -0800 Subject: Negative caching with maradns In-Reply-To: <7bd685720812111150x7e9cc56fsca74d5b06afca88e@mail.gmail.com> References: <0E24ED2A7F9AA349A8633E6A56A64BE0050AC3F4@XCH-SW-2V1.sw.nos.boeing.com> <7bd685720812111150x7e9cc56fsca74d5b06afca88e@mail.gmail.com> Message-ID: <0E24ED2A7F9AA349A8633E6A56A64BE0050FDE28@XCH-SW-2V1.sw.nos.boeing.com> I know it's a easy patch. Unfortunatley my programs policy is to not modify open source. I know that probably doesn't make sense, but that's how it is. We can live with the current behavior. In the future if a configuration option is added to the next generation Maradns, perhaps we will upgrade or apply that. Thanks for the quick response. Jon Flechsenhaar Boeing WNW Team Network Services Layer (714)-372-5172 B11-F2-2B60 -----Original Message----- From: Sam Trenholme [mailto:strenholme.usenet at gmail.com] Sent: Thursday, December 11, 2008 11:50 AM To: Flechsenhaar, Jon J Cc: list at maradns.org Subject: Re: Negative caching with maradns It would have to be done with UTSL: Use the source Luke. The patch would only be a couple of lines in size. I will not make this change with MaraDNS' caching code since that branch of MaraDNS is frozen; however I'm opening to aadding a feature like this to Deadwood (the next-generation recursive resolver for MaraDNS that is only a non-recursive resolver right now) - Sam Note: If you send me a MaraDNS-related support question, I reserve the right to post your support email to the Mara-DNS mailing list so that the community at large can examine your issue. MaraDNS security vulnerability reports, however, will be kept confidential. 2008/12/11 Flechsenhaar, Jon J : > I am wondering if there is a way to compile or configure maradns to > NOT cache NX records or negative cache records? I only want maradns > to cache responses that have a actual answer. > > Thanks. > > Jon Flechsenhaar > Boeing WNW Team > Network Services Layer > (714)-372-5172 > B11-F2-2B60 > > > From ffigue at gmail.com Sun Dec 14 18:51:53 2008 From: ffigue at gmail.com (Figue) Date: Mon, 15 Dec 2008 00:51:53 +0100 Subject: MaraDNS not resolve www.esa.int Message-ID: <43dbd55f0812141551u4393933h59ec053636a39c37@mail.gmail.com> Hi all, I have the development version of MaraDNS 1.3.12, and it has been impossible to resolve www.esa.int Maybe some bug? Thanks. From leolistas at solutti.com.br Mon Dec 15 08:30:36 2008 From: leolistas at solutti.com.br (=?ISO-8859-1?Q?Leonardo_Rodrigues_Magalh=E3es?=) Date: Mon, 15 Dec 2008 11:30:36 -0200 Subject: problem with recursive configuration and CNAMEs In-Reply-To: <49411BF7.20703@solutti.com.br> References: <49411BF7.20703@solutti.com.br> Message-ID: <49465BFC.2040504@solutti.com.br> not a clue on the problem i related last week guys ?? sorry for sending it again, but this problem is really giving me some good headaches and i couldnt find how to get this inconsistency away when using maradns ..... Leonardo Rodrigues Magalh?es escreveu: > > Hi, > > i got maradns running as a simple recursive server, but i'm having > some problems resolving CNAME records. > > maradns has no authoritative zone, it's only resolving the network > requests recursively. > > i have tried enabled error logging (verbose_level=2) and also > raising timeout (timeout_seconds=6) but i keep having problems > resolving CNAME records. > > as i couldnt get any useful logs from maradns, the only thing i can > see are my squid logs, which points nameserver resolutions failures: > > 2008/12/11 11:44:35| ipcacheParse: No Address records in response to > 'id.google.com.br' > 2008/12/11 11:44:35| ipcacheParse: No Address records in response to > 'id.google.com.br' > 2008/12/11 11:44:41| ipcacheParse: No Address records in response to > 'br.busca.yahoo.com' > 2008/12/11 11:44:41| ipcacheParse: No Address records in response to > 'br.busca.yahoo.com' > 2008/12/11 11:45:14| ipcacheParse: No Address records in response to > 'liveupdate.symantecliveupdate.com' > 2008/12/11 11:45:14| ipcacheParse: No Address records in response to > 'liveupdate.symantecliveupdate.com' > 2008/12/11 11:45:20| ipcacheParse: No Address records in response to > 'clients1.google.com' > 2008/12/11 11:45:20| ipcacheParse: No Address records in response to > 'clients1.google.com' > 2008/12/11 11:46:27| ipcacheParse: No Address records in response to > 'crl.verisign.com' > 2008/12/11 11:46:27| ipcacheParse: No Address records in response to > 'crl.verisign.com' > > > i have absolutely NO problems resolving names which are A records. > The problem seems to be only with CNAME records. > > sometimes those CNAME records are correctly resolved, but other > times they fail to resolve. A records, as stated, ALWAYS resolves fine. > > i'm running latest maradns stable: 1.3.07.09 > > > my /etc/mararc is: > > root at sede:/etc# cat mararc > hide_disclaimer="YES" > chroot_dir="/etc/maradns" > no_fingerprint = 0 > bind_address="0.0.0.0" > maradns_uid=65534 > maxprocs=10 > random_seed_file="/dev/urandom" > max_mem=4194304 > maximum_cache_elements=8192 > recursive_acl="192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 127.0.0.0/8" > timeout_seconds=6 > verbose_level=2 > > root_servers={} > root_servers["."] = "198.41.0.4, 192.228.79.201, 192.33.4.12, > 128.8.10.90," > root_servers["."] += "192.203.230.10, 192.5.5.241, 192.112.36.4, > 128.63.2.53," > root_servers["."] += "192.36.148.17, 192.58.128.30, 193.0.14.129, > 199.7.83.42," > root_servers["."] += "202.12.27.33" > > root at sede:/etc# > > -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it From ffigue at gmail.com Mon Dec 15 10:24:17 2008 From: ffigue at gmail.com (Figue) Date: Mon, 15 Dec 2008 16:24:17 +0100 Subject: MaraDNS not resolve www.esa.int In-Reply-To: <43dbd55f0812141551u4393933h59ec053636a39c37@mail.gmail.com> References: <43dbd55f0812141551u4393933h59ec053636a39c37@mail.gmail.com> Message-ID: <43dbd55f0812150724ped1440fsd8d658bb31b3efb0@mail.gmail.com> Never mind. It's my fault. Sorry :P On Mon, Dec 15, 2008 at 12:51 AM, Figue wrote: > Hi all, > > I have the development version of MaraDNS 1.3.12, and it has been > impossible to resolve www.esa.int > > Maybe some bug? > > > Thanks. > From hendry at iki.fi Mon Dec 15 15:50:38 2008 From: hendry at iki.fi (Kai Hendry) Date: Mon, 15 Dec 2008 20:50:38 +0000 Subject: segfault on a bad config file Message-ID: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=507591 Hi Sam, I hope this message finds you well. Just passing on a bug report of a user who experienced a segfault with a bad config file. Kind regards, From GregPlatt at ix.netcom.com Tue Dec 16 00:30:08 2008 From: GregPlatt at ix.netcom.com (Greg Platt - Platt Consultants) Date: Mon, 15 Dec 2008 22:30:08 -0700 Subject: How to setup Reverse DNS on Mara? Message-ID: I'm hosting a dedicated server using Debian v3.0.r4 and running Mara as my DNS server. The server presently hosts about 2 dozen domains. Apache 2 runs in virtual host mode on my server which means the server has only 2 IP addressees - not 2 per domain - just 2 for the entire server. For many hosts today's email rules seem to require a valid Reverse DNS entry for each domain on a server. But I did not know how to set up Reverse DNS when I installed Mara and even now know very little about how this works (or should work) in a virtual hosting environment.. However, it has become evident to me that I'm going to NEED to setup reverse DNS because some servers now reject all inbound email if it they cannot find a valid Reverse DNS pointer for the domain (or is it for the server?) sending the email. Lately, I'm getting complaints from users about emails they send bouncing back to them for mysterious reasons with cryptic error messages. I've concluded one reason for that is the lack of any reverse DNS pointers in Mara. But I'm not sure how to set them up and the Mara docs are ominously silent on this subject. Although they do at least mention they support PTR records which I gather are part of what is required to create reverse DNS entries. Have I overlooked something here? Or can someone explain to me what needs to be done to provide valid reverse DNS entries in Mara? Thanks! From remco at webconquest.com Tue Dec 16 02:49:12 2008 From: remco at webconquest.com (Remco Rijnders) Date: Tue, 16 Dec 2008 08:49:12 +0100 Subject: How to setup Reverse DNS on Mara? In-Reply-To: References: Message-ID: <49475D78.2070503@webconquest.com> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Greg Platt - Platt Consultants schreef: > I'm hosting a dedicated server using Debian v3.0.r4 and running Mara as my > DNS server. The server presently hosts about 2 dozen domains. > > Apache 2 runs in virtual host mode on my server which means the server has > only 2 IP addressees - not 2 per domain - just 2 for the entire server. For > many hosts today's email rules seem to require a valid Reverse DNS entry for > each domain on a server. But I did not know how to set up Reverse DNS when I > installed Mara and even now know very little about how this works (or should > work) in a virtual hosting environment.. > > However, it has become evident to me that I'm going to NEED to setup reverse > DNS because some servers now reject all inbound email if it they cannot find > a valid Reverse DNS pointer for the domain (or is it for the server?) > sending the email. Lately, I'm getting complaints from users about emails > they send bouncing back to them for mysterious reasons with cryptic error > messages. > > I've concluded one reason for that is the lack of any reverse DNS pointers > in Mara. But I'm not sure how to set them up and the Mara docs are ominously > silent on this subject. Although they do at least mention they support PTR > records which I gather are part of what is required to create reverse DNS > entries. > > Have I overlooked something here? Or can someone explain to me what needs to > be done to provide valid reverse DNS entries in Mara? Hi Greg, Your question is not mara specific, even though it does touch certain DNS issues / concerns which you should be aware of as a mail administrator. Certain mail receiving mail servers check to see that the hostname communicated by your smtp server during the mail session does indeed resolve to the IP address your smtp server is on. Furthermore, they might also see if the reverse DNS resolves to the same. The reason that they do this is that it helps (to some extent) in combatting spam problems. Wikipedia has an article on this which briefly explains this situation. You can find it at http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS . If for example you have your mail server configured as smtp.gregplattindustries.com and on IP address 1.2.3.4, this is not a guarantee that it will work, even when a lookup for smtp.gregplattindustries.com will resolve to 1.2.3.4. What is important here is that the reverse lookup of 1.2.3.4 gives smtp.gregplattindustries.com as hostname. Based on the situation you describe, I doubt that is the case. The reverse DNS is probably set to something like server-28393.yourdedicatedISP.net. The reverse DNS is controlled by the ISP that hosts your dedicated server and it is not common for them to delegate this responsibility to you. What can one do about this then? Either you set your mail server hostname to what the reverse DNS is set to (see for example on http://remote.12dt.com/ ), or you ask your ISP to set the reverse DNS to smtp.gregplattindustries.com . Once they've done this you should experience no further problems with this. Contact your hosts support desk and see if they can change this for you or offer an interface to set PTR records yourself. Note that you can still tell your customers to use smtp.theirdomain.com as outgoing mail server and have that resolve to the IP of your own mail server. The communication between your mailserver and your client is not affected by any of this; Only the communication between your mailserver and that of the recipient should go smoother now as forward and reverse DNS now match. In the event that you should have the authority over your own reverse DNS zone (unlikely, but not impossible), Mara does offer support for this. See http://www.maradns.org/faq.html#rdns for further info on this. If after this you still have problems, please feel free to contact me directly. Kind regards, Remco - -- Jabber / GT: remmy at jabber.xs4all.nl ICQ: 760542 MSN: remco at webconquest.com PGP: 0xE4E2CDAB -- encrypted email preferred -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklHXXgACgkQP0wYCuTizauCGgCgnNQM9BSM5Fjfmqd/e1TC3xAy DOsAn0wPu4AiYwYkUEwASj/22/gRbcL6 =ieM/ -----END PGP SIGNATURE----- From igor at vpsville.ca Fri Dec 19 04:16:03 2008 From: igor at vpsville.ca (Igor) Date: Fri, 19 Dec 2008 09:16:03 +0000 Subject: problems with new .me domain Message-ID: <494B6653.2020803@vpsville.ca> Hi there, I've noticed a problem with the new .me domain name and mara. It seems that wildcard subdomains are not resolving, but any explicitly created subdomains are working ok. I use a script to generate the dns db files so I know they are identical to the working .com, .net, .org etc domains I also host. The only difference is the .me Has anyone encountered this before? From leolistas at solutti.com.br Mon Dec 22 12:33:27 2008 From: leolistas at solutti.com.br (=?ISO-8859-1?Q?Leonardo_Rodrigues_Magalh=E3es?=) Date: Mon, 22 Dec 2008 15:33:27 -0200 Subject: problem with recursive configuration and CNAMEs In-Reply-To: <49465BFC.2040504@solutti.com.br> References: <49411BF7.20703@solutti.com.br> <49465BFC.2040504@solutti.com.br> Message-ID: <494FCF67.9050209@solutti.com.br> yet on this CNAME queries problem ....... i have noticed a HUGE difference on some CNAME replies from maradns and bind. I dont know if this is right, but let's see ..... MARADNS: note that i made a type A query, and got CNAME as reply. I dont know if this is wrong or it's right. I was expecting to see some A answer, as I made a type A query. i'm using dig from bind package, but server running on 127.0.0.1 is maradns root at sede:/etc# dig @127.0.0.1 liveupdate.symantecliveupdate.com a ; <<>> DiG 9.5.0-P2 <<>> @127.0.0.1 liveupdate.symantecliveupdate.com a ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50741 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;liveupdate.symantecliveupdate.com. IN A ;; ANSWER SECTION: liveupdate.symantecliveupdate.com. 895 IN CNAME liveupdate.symantec.d4p.net. ;; Query time: 156 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Dec 22 15:20:51 2008 ;; MSG SIZE rcvd: 92 root at sede:/etc# doing that again gives me the A answer i was expecting: root at sede:/etc# dig @127.0.0.1 liveupdate.symantecliveupdate.com a ; <<>> DiG 9.5.0-P2 <<>> @127.0.0.1 liveupdate.symantecliveupdate.com a ; (1 server found) ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31340 ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;liveupdate.symantecliveupdate.com. IN A ;; ANSWER SECTION: liveupdate.symantecliveupdate.com. 883 IN CNAME liveupdate.symantec.d4p.net. liveupdate.symantec.d4p.net. 883 IN A 96.17.147.16 ;; Query time: 5 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Mon Dec 22 15:21:04 2008 ;; MSG SIZE rcvd: 108 root at sede:/etc# doing the same query on bind gives me a VERY different answer: ;; QUESTION SECTION: ;liveupdate.symantecliveupdate.com. IN A ;; ANSWER SECTION: liveupdate.symantecliveupdate.com. 1492 IN CNAME liveupdate.symantec.d4p.net. liveupdate.symantec.d4p.net. 1445 IN CNAME symantec.georedirector.akadns.net. symantec.georedirector.akadns.net. 13653 IN CNAME a568.d.akamai.net. a568.d.akamai.net. 7 IN A 96.17.147.8 a568.d.akamai.net. 7 IN A 96.17.147.25 a568.d.akamai.net. 7 IN A 96.17.147.51 a568.d.akamai.net. 7 IN A 96.17.147.73 a568.d.akamai.net. 7 IN A 96.17.147.80 a568.d.akamai.net. 7 IN A 96.17.147.82 i was thinking ........ can this A query returning only CNAME records, as i showed above, be the problem that i'm facing in squid logs: No address records in response ........ Leonardo Rodrigues Magalh?es escreveu: > > > not a clue on the problem i related last week guys ?? > > sorry for sending it again, but this problem is really giving me > some good headaches and i couldnt find how to get this inconsistency > away when using maradns ..... > > > > Leonardo Rodrigues Magalh?es escreveu: >> >> Hi, >> >> i got maradns running as a simple recursive server, but i'm having >> some problems resolving CNAME records. >> >> maradns has no authoritative zone, it's only resolving the network >> requests recursively. >> >> i have tried enabled error logging (verbose_level=2) and also >> raising timeout (timeout_seconds=6) but i keep having problems >> resolving CNAME records. >> >> as i couldnt get any useful logs from maradns, the only thing i >> can see are my squid logs, which points nameserver resolutions failures: >> >> 2008/12/11 11:44:35| ipcacheParse: No Address records in response to >> 'id.google.com.br' >> 2008/12/11 11:44:35| ipcacheParse: No Address records in response to >> 'id.google.com.br' >> 2008/12/11 11:44:41| ipcacheParse: No Address records in response to >> 'br.busca.yahoo.com' >> 2008/12/11 11:44:41| ipcacheParse: No Address records in response to >> 'br.busca.yahoo.com' >> 2008/12/11 11:45:14| ipcacheParse: No Address records in response to >> 'liveupdate.symantecliveupdate.com' >> 2008/12/11 11:45:14| ipcacheParse: No Address records in response to >> 'liveupdate.symantecliveupdate.com' >> 2008/12/11 11:45:20| ipcacheParse: No Address records in response to >> 'clients1.google.com' >> 2008/12/11 11:45:20| ipcacheParse: No Address records in response to >> 'clients1.google.com' >> 2008/12/11 11:46:27| ipcacheParse: No Address records in response to >> 'crl.verisign.com' >> 2008/12/11 11:46:27| ipcacheParse: No Address records in response to >> 'crl.verisign.com' >> >> >> i have absolutely NO problems resolving names which are A records. >> The problem seems to be only with CNAME records. >> >> sometimes those CNAME records are correctly resolved, but other >> times they fail to resolve. A records, as stated, ALWAYS resolves fine. >> >> i'm running latest maradns stable: 1.3.07.09 >> >> >> my /etc/mararc is: >> >> root at sede:/etc# cat mararc >> hide_disclaimer="YES" >> chroot_dir="/etc/maradns" >> no_fingerprint = 0 >> bind_address="0.0.0.0" >> maradns_uid=65534 >> maxprocs=10 >> random_seed_file="/dev/urandom" >> max_mem=4194304 >> maximum_cache_elements=8192 >> recursive_acl="192.168.0.0/16, 10.0.0.0/8, 172.16.0.0/12, 127.0.0.0/8" >> timeout_seconds=6 >> verbose_level=2 >> >> root_servers={} >> root_servers["."] = "198.41.0.4, 192.228.79.201, 192.33.4.12, >> 128.8.10.90," >> root_servers["."] += "192.203.230.10, 192.5.5.241, 192.112.36.4, >> 128.63.2.53," >> root_servers["."] += "192.36.148.17, 192.58.128.30, 193.0.14.129, >> 199.7.83.42," >> root_servers["."] += "202.12.27.33" >> >> root at sede:/etc# >> >> > -- Atenciosamente / Sincerily, Leonardo Rodrigues Solutti Tecnologia http://www.solutti.com.br Minha armadilha de SPAM, N?O mandem email gertrudes at solutti.com.br My SPAMTRAP, do not email it