Viktor Dukhovni wrote: > > > RFC 103[45] say what to return if the name exists and > > the type doesn't and it isn't NOTIMP. > > In this case the name does not exist, so the nameserver should be > returning NXDOMAIN, but it snatches defeat from the jaws of victory > and indeed returns "NOTIMP": > > ; <<>> DiG 9.8.0rc1 <<>> +norecur -t TYPE52 > _25._tcp.mail.protection.outlook.com. @ns1-proddns.glbdns.o365filtering.com. > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: NOTIMP, id: 4960 > ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 > > which 8.8.8.8 relayed as SERVFAIL. If there is someone from > Microsoft on this list, please forward a pointer to thread to the > appropriate interested parties.
I haven't looked at any of the other stuff (from this discussion), but this latter appears to be a major goof in Googles DNS server. Forwarding NOTIMP (=permanent, do not retry) as a temporary RC (SERVFAIL) is pretty unreasonable on my scorecard. -Martin _______________________________________________ dane mailing list [email protected] https://www.ietf.org/mailman/listinfo/dane
