[Pdns-users] Postfix as master+slave. How to prevent supermasters from being able to create subzones for NATIVE domains?
sandermoors at telenet.be
sandermoors at telenet.be
Thu May 23 05:54:41 UTC 2019
Hi,
We have a DirectAdmin server which internally is using a BIND nameserver. We also have a PowerDNS server which is acting as a master for domains configured as NATIVE and it's also acting as a slave for the domains added in DirectAdmin.
This is done by configuring the IP address of the DirectAdmin server in the supermasters table. All workin as expected.
Now, we noticed that if we configure "domain.com" as a NATIVE domain in PowerDNS it is still possible to configure "sub.domain.com" in DirectAdmin and powerdns will accept the subzone from the supermaster.
This way users on our DirectAdmin server can break configurations for domains configured as NATIVE.
We need a way for PowerDNS to reject all *.domain.com subzones from any supermaster if the main domain is configured as NATIVE.
Is there a way to do this?
Thanks
Sander
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.powerdns.com/pipermail/pdns-users/attachments/20190523/43204703/attachment.html>
More information about the Pdns-users
mailing list