I'm not sure if this happened after one of the security updates but I can't seem to track it down.

dig bradgillap.com
Shows the IP and things look normal.

dig miriammaclaren.com
and it doesn't seem to go anywhere.

Nothing has changed in my nameserver setup. I have my nameservers set up through GoDaddy as an A host ns1.bradgillap.com and miriammaclaren.com has used the two nameservers without issue. I tried deleting and recreating the zone file but that didn't help. I checked the firewall and all the important ports are open including 53. I used the Debian nginx perfect server guide to set this one up. I didn't even notice miriammaclaren wasn't resolving until I noticed email stopped coming in from external sites.

netstat -tap
Code:
netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 *:imaps                 *:*                     LISTEN      2998/dovecot
tcp        0      0 *:64738                 *:*                     LISTEN      2546/murmurd
tcp        0      0 *:pop3s                 *:*                     LISTEN      2998/dovecot
tcp        0      0 localhost.localdom:6502 *:*                     LISTEN      2546/murmurd
tcp        0      0 localhost.localdo:10023 *:*                     LISTEN      2426/postgrey.pid -
tcp        0      0 localhost.localdo:10024 *:*                     LISTEN      3028/amavisd-new (m
tcp        0      0 localhost.localdo:10025 *:*                     LISTEN      3482/master
tcp        0      0 *:submission            *:*                     LISTEN      3482/master
tcp        0      0 localhost.localdo:11211 *:*                     LISTEN      1875/memcached
tcp        0      0 *:pop3                  *:*                     LISTEN      2998/dovecot
tcp        0      0 *:imap2                 *:*                     LISTEN      2998/dovecot
tcp        0      0 *:http                  *:*                     LISTEN      2234/nginx
tcp        0      0 *:http-alt              *:*                     LISTEN      2234/nginx
tcp        0      0 *:ssmtp                 *:*                     LISTEN      3482/master
tcp        0      0 *:tproxy                *:*                     LISTEN      2234/nginx
tcp        0      0 *:ftp                   *:*                     LISTEN      2996/pure-ftpd (SER
tcp        0      0 server1.bradgill:domain *:*                     LISTEN      1947/named
tcp        0      0 127.0.0.2:domain        *:*                     LISTEN      1947/named
tcp        0      0 localhost.locald:domain *:*                     LISTEN      1947/named
tcp        0      0 *:ssh                   *:*                     LISTEN      1949/sshd
tcp        0      0 *:smtp                  *:*                     LISTEN      3482/master
tcp        0      0 localhost.localdoma:953 *:*                     LISTEN      1947/named
tcp        0      0 localhost.localdo:38418 localhost.localdo:mysql ESTABLISHED 3234/amavisd-new (c
tcp        0      0 server1.bradgi:http-alt 198-48-190-5.cpe.:43491 TIME_WAIT   -
tcp        0      0 localhost.localdo:50408 localhost.localdo:mysql ESTABLISHED 3235/amavisd-new (c
tcp        0     48 server1.bradgillap.:ssh 198-48-190-5.cpe.:51927 ESTABLISHED 3510/0
tcp6       0      0 [::]:imaps              [::]:*                  LISTEN      2998/dovecot
tcp6       0      0 [::]:pop3s              [::]:*                  LISTEN      2998/dovecot
tcp6       0      0 localhost:10023         [::]:*                  LISTEN      2426/postgrey.pid -
tcp6       0      0 [::]:mysql              [::]:*                  LISTEN      2835/mysqld
tcp6       0      0 [::]:submission         [::]:*                  LISTEN      3482/master
tcp6       0      0 [::]:pop3               [::]:*                  LISTEN      2998/dovecot
tcp6       0      0 [::]:imap2              [::]:*                  LISTEN      2998/dovecot
tcp6       0      0 [::]:http               [::]:*                  LISTEN      2234/nginx
tcp6       0      0 [::]:ssmtp              [::]:*                  LISTEN      3482/master
tcp6       0      0 [::]:ftp                [::]:*                  LISTEN      2996/pure-ftpd (SER
tcp6       0      0 [::]:domain             [::]:*                  LISTEN      1947/named
tcp6       0      0 [::]:ssh                [::]:*                  LISTEN      1949/sshd
tcp6       0      0 [::]:smtp               [::]:*                  LISTEN      3482/master
tcp6       0      0 localhost:953           [::]:*                  LISTEN      1947/named
tcp6       0      0 localhost.localdo:mysql localhost.localdo:38418 ESTABLISHED 2835/mysqld
tcp6       0      0 localhost.localdo:mysql localhost.localdo:50408 ESTABLISHED 2835/mysqld
I just noticed that UDP ports 53 and 3306 were missing from the firewall config. I corrected this now but it's not resolving still.
heh

Go to /etc/bind and check if there is a file like pri.miriammaclaren.com.err

If so, post the zone file for this domain:

cat pri.miriammaclaren.com
or
pri.miriammaclaren.com.err

and post the results here.

take care
As requested. There is no err file for miriammaclaren but there is one for bradgillap.com. The server is server1.bradgillap.com if that helps. Everything is hosted from the same VPS with a static IP.

pri.miriammaclaren.com
Code:
$TTL 3600
@ IN SOA ns1.bradgillap.com. bradgillap.gmail.com. (
        2014091301 ; serial, todays date + todays serial #
        7200       ; refresh, seconds
        540        ; retry, seconds
        604800     ; expire, seconds
        86400 )    ; minimum, seconds
;
mail 3600 A 23.227.167.216
miriammaclaren.com. 3600 A 23.227.167.216
www 3600 A 23.227.167.216
miriammaclaren.com. 3600 MX 10 mail.miriammaclaren.com.
miriammaclaren.com. 3600 NS ns2.bradgillap.com.
miriammaclaren.com. 3600 NS ns1.bradgillap.com.
miriammaclaren.com. 3600 TXT "v=spf1 ip4:23.227.167.216 include:_sp$

err for bradgillap.com
Code:
$TTL 3600
@ IN SOA ns1.bradgillap.com. bradgillap.gmail.com. (
        2014072404 ; serial, todays date + todays serial #
        7200       ; refresh, seconds
        540        ; retry, seconds
        604800     ; expire, seconds
        86400 )    ; minimum, seconds
;
bradgillap.com. 3600 A 23.227.167.216
mail 3600 A 23.227.167.216
www 3600 A 23.227.167.216
bradgillap.com. 3600 MX 10 mail.bradgillap.com.
bradgillap.com. 3600 NS ns1.bradgillap.com.
bradgillap.com. 3600 NS ns2.bradgillap.com.
bradgillap.com. 3600 TXT "v=spf1 a mx ptr ip4:23.227.167.216 ~all"
Actually a while ago I had some DDoS issues from my box and I had to mess around with recursion to get the attacks to stop. I'm sure this is where my problem is but my box was being used as a relay with recursion on. So I don't fully understand recursion enough here to stay secure and allow DNS to work properly.

named.conf.options
Code:
// If BIND logs error messages about the root key being expired,
// you will need to update your keys. See https://www.isc.org/bind-keys
//=====================================================================$
dnssec-validation auto;
auth-nxdomain no;    # conform to RFC1035
listen-on-v6 { any; };
allow-recursion { none; };
allow-query { none; };
allow-query-cache { none; };
recursion no;
additional-from-cache no;
};

named.conf.local
Code:
zone "miriammaclaren.com" {
        type master;
        allow-transfer {none;};
        file "/etc/bind/pri.miriammaclaren.com";
};
I only have one IP address on this server. GoDaddy's built-in nameservers have always just worked for me before in this case. Maybe this was very wrong?
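
Added example, not part of the original thread and not BIND's own tooling: a small Python check over the option statements posted above. It shows that `recursion no;` with `allow-recursion { none; };` is what closes the open resolver, while the global `allow-query { none; };` also makes the server refuse queries for zones it hosts, such as miriammaclaren.com, whose zone block sets no `allow-query` of its own. The `AUTH_ONLY` variant, the finding names and the simplified parser are assumptions made for illustration.

```python
import re

# Constructed sample: the option statements from the named.conf.options post above.
POSTED = """
dnssec-validation auto;
auth-nxdomain no;    # conform to RFC1035
listen-on-v6 { any; };
allow-recursion { none; };
allow-query { none; };
allow-query-cache { none; };
recursion no;
additional-from-cache no;
"""
# Assumed authoritative-only variant: identical except that queries are accepted.
AUTH_ONLY = POSTED.replace("allow-query { none; };", "allow-query { any; };")
# Constructed counter-example: the open-resolver posture that gets abused.
OPEN_RESOLVER = "recursion yes; allow-recursion { any; }; allow-query { any; };"

def parse_options(text):
    """Map each simple statement to a scalar ('no') or an ACL list (['none'])."""
    text = re.sub(r"(#|//)[^\n]*", "", text)  # drop line comments
    stmt = re.compile(r"([\w-]+)\s+(?:\{([^}]*)\}|([^\s;{}]+))\s*;")
    opts = {}
    for name, acl, scalar in stmt.findall(text):
        opts[name] = scalar or [a.strip() for a in acl.split(";") if a.strip()]
    return opts

def audit(opts):
    """Return finding codes for a public, authoritative-only name server."""
    findings = []
    # BIND recurses by default, so a missing 'recursion' statement counts as yes.
    recursing = opts.get("recursion", "yes") == "yes"
    # Simplification: only an explicit 'any' is flagged, inherited ACLs are not modelled.
    if recursing and "any" in opts.get("allow-recursion", []):
        findings.append("open-resolver")
    # Global allow-query applies to every zone that does not set its own,
    # so 'none' makes the server refuse queries for the zones it hosts.
    if "none" in opts.get("allow-query", []):
        findings.append("refuses-all-queries")
    return findings

if __name__ == "__main__":
    for label, conf in [("posted", POSTED), ("auth-only", AUTH_ONLY),
                        ("open", OPEN_RESOLVER)]:
        print(label, audit(parse_options(conf)))
```
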