Hi, SW wrote:
Larry,
Sorry, I failed to mention that under each zone record, we allow query which
I thought should still allow the 'mailman to get past our fense'. ;-)
/etc/named.conf has the following:
options {
directory "/etc/named";
allow-recursion { xxx.xxx.xxx.xx/27; localhost; };
allow-query { xxx.xxx.xxx.xx/27; localhost; };
version "WPPi Name Server - NA";
allow-transfer { xxx.xxx.xxx.xx; };
};
logging {
category lame-servers { null; };
};
zone "." { type hint; file "db.cache"; };
zone "pureportraits.com" { type master; file "pri.pureportraits.com";
allow-query { any; };
I think you've deluded yourself? :) Those queries worked because they were cached elsewhere, and until recently, when they have expired and requeried from the authoritative DNS, they are meeting with problems from your new configuration. In one weeks time or less, all your clients hosting with you will be unreachable on the Internet in any way. Better fix it before the retry interval is exceeded or you'll have some pretty irritated customers. :) Checking your DNS setup with a few public tools would have convinced you that nobody on the internet is able to get through to your DNS. http://www.checkdns.net/quickcheck.aspx?domain=pureportraits.com&detailed=1 http://www.dnsreport.com/tools/dnsreport.ch?domain=pureportraits.com http://www.dnsstuff.com/tools/lookup.ch?name=pureportraits.com&type=SOA (frankly, it looks pretty bad to me...) Regards.