[Sysadmins] anyone have a ready written script that.....

Alan Doherty alan at alandoherty.net
Tue Feb 2 15:52:18 GMT 2010


At 10:41 02/02/2010  Tuesday, Harry Duncan wrote:
>On Tue, Feb 2, 2010 at 12:19 AM, Alan Doherty <alan at alandoherty.net> wrote:
>> happens a lot I have found, and of course if they change MX hosts around the
>> same time breaks any mail my users may have been sending them}
>
>Also breaks your ability to mail them until you deal with it :-)

not really i can always drop the zone when found or use my isp's relay


>I've been giving the same issue some thought lately too, you need to
>consider that someone may purposely have a DNS record hosted with you
>but not have it live, there are scenarios for that.

if they did that zone wouldn't be in the list to check nightly

>What you really want is a cleanup script that matches DNS zones hosted
>to paid up billing accounts, and then seperate your authorative DNS
>server for DNS hosting from your recursive DNS server for customers.
>That funnily enough will eliminate all your problems and you'll only
>ever need to worry about closing down hosted DNS zones for people who
>don't pay you.

well all the above is true if you have any recursive dns customers {like isp's do}
and would worry about any that didn't separate resolver from authoritative 

but as i am a one {well 2} box web/mail/dns hoster only and non-commercial {friends of friends and a few business {usually consulting-work customers or social contacts} that couldn't get satisfactory service elsewhere {srv records, multiple ips for one A etc.}}

the only boxes seeing the "split-brain" are my own {so only smtp-auth clients see the issue}
{yes i could use the upstream resolvers but then my RBL query load would be mixed with all their other customers and thus more potential to go over-limit and get access-listed, also several private {peer run} ones are only queriable from my {trusted non-public} ip's}

and re: the billing there pretty much is none so thats a non-issue for me

its more i just don't like finding out xyz.com has been de-reged and dead long after the fact, i try to run a tight ship where i can cleanup dead zones shortly after its confirmed their gone, considering now days owners seem to register and change domains/emails/webhosts at the drop of a hat, I'd like to be able to automate the detection so i can sooner confirm/purge the dead ones {zones/namevirtualhosts/ftp-accounts/pop/imap/smtp-auth accounts etc} they cant be arsed letting me know about sooner rather than later


>Harry.




More information about the Sysadmins mailing list