As the title says, bind9 does not return TXT records for one domain but serves them for others. The zones are almost identical.
System: Ubuntu 14.04, Bind9 from the distribution (I also tried 9.10 from source).
I have two domains: www.filippo.fake and www.mimmo.fake
Filippo's zone and Mimmo's zone are substantially the same:
cat pri.filippo.fake
$TTL 3600
@ IN SOA ns-1.myserver.net. email.hotmail.com. (
2016100403 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
filippo.fake. 3600 A 1.2.3.4
mail 3600 A 1.2.3.4
webmail.filippo.fake 86400 A 1.2.3.4
www 3600 A 1.2.3.5
filippo.fake. 3600 MX 10 mail.filippo.fake.
filippo.fake. 3600 NS ns-2.myserver.net.
filippo.fake. 3600 NS ns-1.myserver.net.
default._domainkey.filippo.fake. 3600 TXT "v=DKIM1; t=s; p=MIdsBdsasfdsiG9w0BAQEFAfsddsfsfCgKCAQEAsPNZmpYj9ozmRtCUIbVa8uviqMaxLkT+oQ+Et1FaHGmajDYr1TrRpyj0xu/cVJb5RutV2OFHy9X+qcw0PhOoZva4I6jqbV/xqBCG823ZoyyLAodeB0ilq94wtf8MW52iMR422HMCLuR3estBOKelBr4ptptZqojK5/btJlQT/JiGkPA2YbuiEdl9QkvbZQ/JGfN" "0OpoQWKy6iy597DGj68syZDnbL+c45IWIq6Ai7U7TlRPyuwmEer3ryRbWC7DdQBp4E/5U36YBfXLSgY4L2VBZzoBSUL2MWO/VUUfcn5LegIA4ZBK/juC2br4Rv06Tm9YWtgDsYrp6Srit/8UV7wIDAQAB"
filippo.fake. 86400 TXT "v=spf1 +a +mx +ip4:1.2.3.4 ?all"
cat pri.mimmo.fake
$TTL 3600
@ IN SOA ns-1.myserver.net. email.hotmail.com. (
2016100403 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
mimmo.fake. 3600 A 1.2.3.4
mail 3600 A 1.2.3.4
webmail.mimmo.fake 86400 A 1.2.3.4
www 3600 A 1.2.3.5
mimmo.fake. 3600 MX 10 mail.mimmo.fake.
mimmo.fake. 3600 NS ns-2.myserver.net.
mimmo.fake. 3600 NS ns-1.myserver.net.
default._domainkey.mimmo.fake. 3600 TXT "v=DKIM1; t=s; p=MIdsBdsasffdsfsdEFAfsddsfsfCgKCAQEAsPNZmpYj9ozmRtCUIbVa8uvi32321FaHGmajDYr1TrRpyj0xu/cVJb5RutV2OFHy9X+qcw0PhOoZva4I6jqbV/xqBCGfdsfdsfdslq94wtf8MW52iMR422HMCLuR3estBOKelBr4ptptZqojK5/btJlQT/JiGkPA2YbuiEdl9QkvbZQ/JGfN" "0OpoQWKy6iy597DGj68syZDnbL+c45IWIq6Ai7U7TlRPyuwmEer3ryRbWC7DdQBp4E/5U36YBfXLSgY4L2VBZzoBSUL2MWO/VUUfcn5LegIA4ZBK/juC2br4Rv06Tm9YWtgDsYrp6Srit/8UV7wIDAQAB"
mimmo.fake. 86400 TXT "v=spf1 +a +mx +ip4:1.2.3.4 ?all"
However, running "host -t txt domain localhost" from ns-1, ns-2 and the rest of the world gives the following results
(obviously without the trailing "localhost" from the rest of the world):
root@ns-1:/var/log/named# host -t txt filippo.fake localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
filippo.fake descriptive text "v=spf1 +a +mx +ip4:1.2.3.4 ?all"
root@ns-1:/var/log/named# host -t txt mimmo.fake localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
mimmo.fake has no TXT record
There are more domains like filippo.fake that work normally. With or without the DKIM record, it makes no difference. I have already tried changing the bind version, deleting and recreating the zone with ispconfig, and manually creating the zone file pri.mimmo.fake. Nothing changes.
The logs.
Until I changed the bind version, I was getting this in the log for the non-working domains:
04-Oct-2016 14:52:01.746 zone mimmo.faje/IN: 'mimmo.fake' found SPF/TXT record but no SPF/SPF record found, add matching type SPF record
But note that after installing bind 9.10 from source, the warning no longer appeared in the logs, while the problem with TXT persists. If I create an SPF record, it changes nothing.
Each time the service is restarted, no specific error or warning messages are shown in the logs. In any case, given the complexity of bind logging, I will show the rules used for logging; maybe I am not looking where I should?
logging {
channel default_file {
file "/var/log/named/default.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel general_file {
file "/var/log/named/general.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel database_file {
file "/var/log/named/database.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel security_file {
file "/var/log/named/security.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel config_file {
file "/var/log/named/config.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel resolver_file {
file "/var/log/named/resolver.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-in_file {
file "/var/log/named/xfer-in.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-out_file {
file "/var/log/named/xfer-out.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel notify_file {
file "/var/log/named/notify.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel client_file {
file "/var/log/named/client.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel unmatched_file {
file "/var/log/named/unmatched.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel queries_file {
file "/var/log/named/queries.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel network_file {
file "/var/log/named/network.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel update_file {
file "/var/log/named/update.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel dispatch_file {
file "/var/log/named/dispatch.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel dnssec_file {
file "/var/log/named/dnssec.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel lame-servers_file {
file "/var/log/named/lame-servers.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
category default { default_file; };
category general { general_file; };
category database { database_file; };
category security { security_file; };
category config { config_file; };
category resolver { resolver_file; };
category xfer-in { xfer-in_file; };
category xfer-out { xfer-out_file; };
category notify { notify_file; };
category client { client_file; };
category unmatched { unmatched_file; };
category queries { queries_file; };
category network { network_file; };
category update { update_file; };
category dispatch { dispatch_file; };
category dnssec { dnssec_file; };
category lame-servers { lame-servers_file; };
};