[Pdns-users] Malformed qdomain
Simon Pearce
sp at http.net
Wed Aug 16 13:51:04 UTC 2006
Hi,
I switched 250 of our DNS servers from bind9 to powerdns today. Our log
file are filled with malformed query domains like this:
Aug 16 13:45:43 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:45:44 rs2 pdns[13527]: Received a malformed qdomain from
164.128.223.28, '@.egger-dietikon.ch': dropping
Aug 16 13:45:44 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:45:46 rs2 pdns[13527]: Received a malformed qdomain from
195.37.164.130, '@.kueste.de': dropping
Aug 16 13:45:46 rs2 pdns[13527]: Received a malformed qdomain from
164.128.223.28, '@.egger-dietikon.ch': dropping
Aug 16 13:45:46 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:45:48 rs2 pdns[13527]: Received a malformed qdomain from
82.149.228.70, 'bauble.%ANYDOMAIN.df-webhosting.de': dropping
Aug 16 13:45:48 rs2 pdns[13527]: Received a malformed qdomain from
164.128.223.28, '@.egger-dietikon.ch': dropping
Aug 16 13:45:48 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:45:49 rs2 pdns[13527]: Received a malformed qdomain from
195.50.140.69, '@.bizimalem.de': dropping
Aug 16 13:45:50 rs2 pdns[13527]: Received a malformed qdomain from
82.149.224.2, '%ANYDOMAIN.df-webhosting.de': dropping
Aug 16 13:45:50 rs2 pdns[13527]: Received a malformed qdomain from
212.175.13.113, '@.bizimalem.com': dropping
Aug 16 13:45:50 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:45:51 rs2 pdns[13527]: Received a malformed qdomain from
85.10.206.176, '@.radsportsonntag.de': dropping
Aug 16 13:45:52 rs2 pdns[13527]: Received a malformed qdomain from
164.128.223.28, '@.egger-dietikon.ch': dropping
Aug 16 13:45:58 rs2 pdns[13527]: Received a malformed qdomain from
82.149.228.70, 'bauble.%ANYDOMAIN.df-webhosting.de': dropping
Aug 16 13:46:00 rs2 pdns[13527]: Received a malformed qdomain from
208.66.195.18,
'www.crackingegg.com?sid=7a91cc0441a6eba534aff058491c4184': dropping
Aug 16 13:46:00 rs2 pdns[13527]: Received a malformed qdomain from
194.40.39.227, '@.bizimalem.de': dropping
Aug 16 13:46:01 rs2 pdns[13527]: Received a malformed qdomain from
194.25.0.61, '@.cj-light.de': dropping
Aug 16 13:46:01 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:46:02 rs2 pdns[13527]: Received a malformed qdomain from
217.237.150.113, '@.medilas.ch': dropping
Aug 16 13:46:02 rs2 pdns[13527]: Received a malformed qdomain from
195.50.140.69, '@.bizimalem.de': dropping
Aug 16 13:46:03 rs2 pdns[13527]: Received a malformed qdomain from
208.66.195.18,
'www.crackingegg.com?sid=7a91cc0441a6eba534aff058491c4184': dropping
Aug 16 13:46:03 rs2 pdns[13527]: Received a malformed qdomain from
194.40.39.212, '@.bizimalem.de': dropping
Aug 16 13:46:03 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:46:04 rs2 pdns[13527]: Received a malformed qdomain from
217.237.150.113, '@.medilas.ch': dropping
Aug 16 13:46:04 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Aug 16 13:46:06 rs2 pdns[13527]: Received a malformed qdomain from
164.128.36.54, '@.egger-dietikon.ch': dropping
Recursion is allowed our recursion server is a djbdns server could that
be a problem? All these domains seem to have an @ sign in them. If you
need further infos or my pdns.conf please drop me an email.
Regards Simon
More information about the Pdns-users
mailing list