从标题来看,bind9 不会为一个域提供 txt 记录,而为其他域提供该记录。区域几乎相等。
系统 Ubuntu 14.04 Bind9 来自发行版(也从源代码尝试了 9.10)
我有两个域名:www.filippo.fake 和 www.mimmo.fake
Filippo 的区域和 Mimmo 的区域基本相等:
cat pri.filippo.fake
$TTL 3600
@ IN SOA ns-1.myserver.net. email.hotmail.com. (
2016100403 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
filippo.fake. 3600 A 1.2.3.4
mail 3600 A 1.2.3.4
webmail.filippo.fake 86400 A 1.2.3.4
www 3600 A 1.2.3.5
filippo.fake. 3600 MX 10 mail.filippo.fake.
filippo.fake. 3600 NS ns-2.myserver.net.
filippo.fake. 3600 NS ns-1.myserver.net.
default._domainkey.filippo.fake. 3600 TXT "v=DKIM1; t=s; p=MIdsBdsasfdsiG9w0BAQEFAfsddsfsfCgKCAQEAsPNZmpYj9ozmRtCUIbVa8uviqMaxLkT+oQ+Et1FaHGmajDYr1TrRpyj0xu/cVJb5RutV2OFHy9X+qcw0PhOoZva4I6jqbV/xqBCG823ZoyyLAodeB0ilq94wtf8MW52iMR422HMCLuR3estBOKelBr4ptptZqojK5/btJlQT/JiGkPA2YbuiEdl9QkvbZQ/JGfN" "0OpoQWKy6iy597DGj68syZDnbL+c45IWIq6Ai7U7TlRPyuwmEer3ryRbWC7DdQBp4E/5U36YBfXLSgY4L2VBZzoBSUL2MWO/VUUfcn5LegIA4ZBK/juC2br4Rv06Tm9YWtgDsYrp6Srit/8UV7wIDAQAB"
filippo.fake. 86400 TXT "v=spf1 +a +mx +ip4:1.2.3.4 ?all"
cat pri.mimmo.fake
$TTL 3600
@ IN SOA ns-1.myserver.net. email.hotmail.com. (
2016100403 ; serial, todays date + todays serial #
7200 ; refresh, seconds
540 ; retry, seconds
604800 ; expire, seconds
86400 ) ; minimum, seconds
;
mimmo.fake. 3600 A 1.2.3.4
mail 3600 A 1.2.3.4
webmail.mimmo.fake 86400 A 1.2.3.4
www 3600 A 1.2.3.5
mimmo.fake. 3600 MX 10 mail.mimmo.fake.
mimmo.fake. 3600 NS ns-2.myserver.net.
mimmo.fake. 3600 NS ns-1.myserver.net.
default._domainkey.mimmo.fake. 3600 TXT "v=DKIM1; t=s; p=MIdsBdsasffdsfsdEFAfsddsfsfCgKCAQEAsPNZmpYj9ozmRtCUIbVa8uvi32321FaHGmajDYr1TrRpyj0xu/cVJb5RutV2OFHy9X+qcw0PhOoZva4I6jqbV/xqBCGfdsfdsfdslq94wtf8MW52iMR422HMCLuR3estBOKelBr4ptptZqojK5/btJlQT/JiGkPA2YbuiEdl9QkvbZQ/JGfN" "0OpoQWKy6iy597DGj68syZDnbL+c45IWIq6Ai7U7TlRPyuwmEer3ryRbWC7DdQBp4E/5U36YBfXLSgY4L2VBZzoBSUL2MWO/VUUfcn5LegIA4ZBK/juC2br4Rv06Tm9YWtgDsYrp6Srit/8UV7wIDAQAB"
mimmo.fake. 86400 TXT "v=spf1 +a +mx +ip4:1.2.3.4 ?all"
但是,从 ns-1、ns-2 和世界其他地方运行“host -t txt domain localhost”会得到以下结果
显然,世界其他地方没有以“localhost”结尾的:
root@ns-1:/var/log/named# host -t txt filippo.fake localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
filippo.fake descriptive text "v=spf1 +a +mx +ip4:1.2.3.4 ?all"
root@ns-1:/var/log/named# host -t txt mimmo.fake localhost
Using domain server:
Name: localhost
Address: ::1#53
Aliases:
mimmo.fake has no TXT record
还有更多像 filippo.fake 这样的域名正常工作。有或没有 dkim 记录都无所谓。我已经尝试更改绑定版本,使用 ispconfig 删除并重新创建区域,手动创建 pri.mimmo.fake 区域文件。它没有改变任何东西。
日志。
直到我更改绑定版本,我才在域不起作用的日志中收到此信息:
04-Oct-2016 14:52:01.746 zone mimmo.faje/IN: 'mimmo.fake' found SPF/TXT record but no SPF/SPF record found, add matching type SPF record
但请考虑从来源安装 bind 9.10 后,警告不再显示在日志中,而 txt 的问题仍然存在。如果我创建 spf 记录,它不会改变任何东西。
每次服务重新启动时,日志中都不会显示与错误或警告相关的特定消息。无论如何,由于绑定日志记录的复杂性,我将向您展示用于记录的规则,也许我没有查看我应该查看的内容?
logging {
channel default_file {
file "/var/log/named/default.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel general_file {
file "/var/log/named/general.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel database_file {
file "/var/log/named/database.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel security_file {
file "/var/log/named/security.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel config_file {
file "/var/log/named/config.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel resolver_file {
file "/var/log/named/resolver.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-in_file {
file "/var/log/named/xfer-in.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel xfer-out_file {
file "/var/log/named/xfer-out.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel notify_file {
file "/var/log/named/notify.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel client_file {
file "/var/log/named/client.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel unmatched_file {
file "/var/log/named/unmatched.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel queries_file {
file "/var/log/named/queries.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel network_file {
file "/var/log/named/network.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel update_file {
file "/var/log/named/update.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel dispatch_file {
file "/var/log/named/dispatch.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel dnssec_file {
file "/var/log/named/dnssec.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
channel lame-servers_file {
file "/var/log/named/lame-servers.log" versions 3 size 5m;
severity dynamic;
print-time yes;
};
category default { default_file; };
category general { general_file; };
category database { database_file; };
category security { security_file; };
category config { config_file; };
category resolver { resolver_file; };
category xfer-in { xfer-in_file; };
category xfer-out { xfer-out_file; };
category notify { notify_file; };
category client { client_file; };
category unmatched { unmatched_file; };
category queries { queries_file; };
category network { network_file; };
category update { update_file; };
category dispatch { dispatch_file; };
category dnssec { dnssec_file; };
category lame-servers { lame-servers_file; };
};