I am seeing a somewhat similar problem with my name server. It is configured not to recurse queries except for our network. Since I enabled this feature, I noticed we receive numerous requests from unauthorized hosts. It seems all the unauthorized queries are MX requests for AOL.COM. Here's a sample rejection log: 25-Apr-2000 12:21:48.647 security: unapproved recursive query from [212.5.135.39].2091 for aol.com and below the number of his for the last 4 days. Notice the 250,000 requests from 212.5.135.39 That's really abusive and I have blackholed 212.5.128/19 for the moment. 1424 192.92.129.3 1332 193.200.17.87 516 193.68.3.250 399 208.226.167.19 70 212.5.133.129 635 212.5.135.16 250292 212.5.135.39 57 212.5.139.65 1286 212.5.159.42 28 212.5.159.53 71 212.56.18.66 58 212.91.173.60 1992 63.192.247.53 Now I do not understand why we are getting those hits. Our nameserver (207.153.200.35) is not an aol.com secondary and has never been. Does anyone have a clue? JP