On Fri, Mar 17, 2017 at 05:42:11PM +0100, Bjørn Mork wrote:
William Herrin <bill@herrin.us> writes:
On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+nng@zwart.com> wrote:
RIPE NCC have issued a statement about the issue here:
https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html
Our apologies for the inconvenience caused.
Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to corrupted data by zeroing out the data instead of using the last known good data. That's awfully brittle for such a critical service.
Well, it was a nice smoke test of the "RDNS required" anti-feature. All of a sudden we couldn't even send email to ourselves, having smarthosts in one of the affected zones. Nice.
Maybe time to re-evaluate the usefulness of that config...
or proper whitelisting of your own infrastructure :-) - Jared -- Jared Mauch | pgp key available via finger from jared@puck.nether.net clue++; | http://puck.nether.net/~jared/ My statements are only mine.