Enhancement #567
closed
Added by Marc Dequènes over 7 years ago.
Updated over 7 years ago.
Description
We probably have hosted mail domains which are no more authoritative, so we should report them.
On difficulty is we could still be in charge of MX while no more in charge of DNS, even if there's high probability the user switch to a new hosting completely. So we could be impacted by #566. I'm not keen in using a provider's global DNS like Google, so maybe we should parse the whois to get the authoritative NS in this case too.
- Assignee deleted (
DC Admins)
- Status changed from New to In Progress
- % Done changed from 0 to 40
I created the adm_check_mx script in the admin repo.
Here is the current output:
ERR lespotos.com MX1 is not ours
ERR lespotos.com MX2 list do not include ours
ERR fingerbox.net MX1 is not ours
ERR fingerbox.net MX2 list do not include ours
ERR clan-hnk.com MX1 is not ours
ERR clan-hnk.com MX2 list do not include ours
ERR t1r.net MX2 list do not include ours
ERR happypeng.org MX1 is not ours
ERR happypeng.org MX2 list do not include ours
ERR ikibiki.org MX2 list do not include ours
ERR xn--mah-dma.net MX1 is not ours
ERR cxhome.ath.cx MX1 is not ours
ERR cxhome.ath.cx MX2 list do not include ours
ERR evilgiggle.com MX1 is not ours
ERR evilgiggle.com MX2 list do not include ours
ERR tetramorphe.org MX1 is not ours
ERR tetramorphe.org MX2 list do not include ours
ERR gnufr.org MX2 list do not include ours
ERR fabzien.net MX2 list do not include ours
ERR laurafontaine.fr MX1 is not ours
ERR laurafontaine.fr MX2 list do not include ours
ERR dimers.science MX2 list do not include ours
ERR andesi.org MX1 is not ours
ERR duckcorp.debian.net MX1 is not ours
ERR duckcorp.debian.net MX2 list do not include ours
ERR hurdfr.org MX1 is not ours
ERR hurdfr.org MX2 list do not include ours
ERR rtp-net.org MX1 is not ours
ERR rtp-net.org MX2 list do not include ours
ERR rtp.dyndns.org MX1 is not ours
ERR rtp.dyndns.org MX2 list do not include ours
Unfotunately, our MX1 has two names:
- mx.duckcorp.org
- mx1.duckcorp.org
I picked the later to be the canonical one but the former is still in use and the script does not handle this, which leads to false positives. It would be complicated to handle having a list of names for each MX and there is no use for it anyway, so I would prefer cleaning up the DNS zones.
If the DEBUG environment variable is set, then the script dumps a structure which could later be used for aggregation.
- Assignee set to Marc Dequènes
- % Done changed from 40 to 70
ERR laurafontaine.fr does not exist
ERR duckcorp.debian.net MX1 is not ours
ERR duckcorp.debian.net MX2 list do not include ours
ERR hurdfr.org MX1 is not ours
ERR hurdfr.org MX2 list do not include ours
ERR rtp.dyndns.org does not exist
- % Done changed from 70 to 90
Fixed duckcorp.debian.net.
Differentiate between no entry and no MX on the entry.
Asked Rtp about his dyndns entry.
ERR laurafontaine.fr does not exist
ERR hurdfr.org MX1 is not ours
ERR hurdfr.org MX2 list do not include ours
ERR rtp.dyndns.org has no MX records
- Status changed from In Progress to Resolved
- % Done changed from 90 to 100
Yep, I did cleaned this up when I migrated the LDAP content to an Ansible-generated system.
Same goes for HurdFr and Andesi stuff.
Also available in: Atom
PDF
Updated by 
Updated by