DNSSEC/Log Spam for partially DNSSEC domain
Larry Rosenman
ler at FreeBSD.org
Sat Jun 30 02:03:23 UTC 2018
I'm running Exim, with DNSSEC enabled, and my zone (lerctr.org) is
DNSSEC signed, but my dyn.lerctr.org subdomain is NOT DNSSEC signed due
to HE.net don't support DNSSEC.
I get a ton of:
Jun 29 20:12:53 thebighonker exim[37649]: gethostby*.gethostanswer: asked for "borg.lerctr.org IN AAAA", got type "RRSIG"
Jun 29 20:12:53 thebighonker exim[37649]: gethostby*.gethostanswer: asked for "borg.lerctr.org IN A", got type "RRSIG"
in my logs, which comes from libc:
/usr/src/lib/libc/net/getaddrinfo.c:
2092 #ifdef DEBUG
2093 if (type != T_KEY && type != T_SIG &&
2094 type != ns_t_dname)
2095 syslog(LOG_NOTICE|LOG_AUTH,
2096 "gethostby*.getanswer: asked for \"%s %s %s\", got type \"%s\"",
2097 qname, p_class(C_IN), p_type(qtype),
2098 p_type(type));
2099 #endif
Is there an easy way to make this quieter?
--
Larry Rosenman https://people.FreeBSD.org/~ler/
Phone: +1 214-642-9640 E-Mail: ler at FreeBSD.org
US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 679 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20180629/65fdc966/attachment.sig>
More information about the freebsd-current
mailing list