<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
<dl>
<dt>Greetings,</dt>
</dl>
This is from the pdns documentation:<br>
<br>
"""<span class="term"><br>
out-of-zone-additional-processing |
--out-of-zone-additional-processing=yes |
--out-of-zone-additional-processing=no</span>
<dl>
<dd>
<p>Do out of zone additional processing. This means that if a
malicious
user adds a '.com' zone to your server, it is not used for other
domains and will not contaminate answers. Do not enable this setting if
you run a public DNS service with untrusted users. Off by default. </p>
</dd>
<dt>"""</dt>
</dl>
My question is this. The description indicates that setting this to
yes would prevent malicious use of your public authoritative DNS server
with untrusted users (such as in our hosting company), but then goes on
to say that you shouldn't enable this setting if you run a public DNS
service with untrusted users? Could someone please clarify this? <br>
<br>
<br>
Many thanks. Tom.<br>
</body>
</html>