Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

case sensitivity in DNS for mx records only?

600 views
Skip to first unread message

Clarke Weigle

unread,
Jul 14, 2004, 11:47:13 AM7/14/04
to
Here is my experience:

We have 3 Windows 2003 domain controllers providing DNS to
our company. Mail to recipients at the domain
JamesMPotato.com [not the real domain] was not going
through, and our users complained that everyone else in
the world can send to that domain, but we can't. I
performed nslookup from my workstation, set type=mx,
server as one of our dns servers, and typed in
JamesMPotato.com. Nothing.

I looked in DNS on that server, restarted DNS, cleared the
cache, and retried my nslookup. Nothing.

Back in DNS on that server, I looked in the cache and
found the zone JamesMPotato.com, which contained only ns
records. I deleted the zone and retried my nslookup
query. Nothing, and the zone was recreated as it was
before.

Then I tried the nslookup query for jamesmpotato.com.
Bingo! I tried JamesMPotato.com again. Bingo! I applied
that "fix" to all 3 DNS servers, and by the time I got to
our Exchange server all of the queued mail for
JamesMPotato.com had been delivered.

Can anyone explain to me why this happened, and how I can
prevent it from happening again?

Thanks.

Clarke

Kevin D. Goodknecht Sr. [MVP]

unread,
Jul 14, 2004, 12:06:35 PM7/14/04
to
In news:2d59e01c469b9$d4a66f40$a301...@phx.gbl,
Clarke Weigle <anon...@discussions.microsoft.com> posted a question
Then Kevin replied below:

If you did not create this zone, then it sounds to me like your Active
Directory domain name is jamesmpotato.com and you deleted your AD Domain
zone. If jamesmpotato.com is not your AD domain zone, then I don't know how
the zone got there.

If you named your domain jamesmpotato.com and you did this there is no doubt
in my mind that logons are taking what seems to be forever.

In an Active Directory domain DNS is not used for internet access, internet
access is a secondary function for DNS, DNS is used for domain controller
location, all clients and Domain Controllers must use the DNS server that
has the AD domain zone in it.

--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
============================
--
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from your
issue. To respond directly to me remove the nospam. from my
email. ==========================================
http://www.lonestaramerica.com/
==========================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
==========================================
Keep a back up of your OE settings and folders with
OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
==========================================


Clarke Weigle

unread,
Jul 14, 2004, 12:39:16 PM7/14/04
to
Kevin-

Thanks for responding, and I apologize for misusing the
term "zone". When I look in the Cached Lookups within
dns, and drill down to /.(root)/com/ I find the DNS domain
JamesMPotato.com. This cached DNS domain is what was
created and populated automatically by my nslookup
queries.

My question was really why does the DNS server appear to
be case sensitive? I found on further testing that it was
not just MX records, but A records as well. DNS seemed
unable to find anything other than NS records until I
changed the capital letters to lower case in my nslookup
query (from JamesMPotato.com to jamesmpotato.com). Once
it succeeded with the lower case lookup, dns had no
problem resolving either query.

Clarke

>-----Original Message-----
>In news:2d59e01c469b9$d4a66f40$a301...@phx.gbl,
>Clarke Weigle <anon...@discussions.microsoft.com>
posted a question
>Then Kevin replied below:

Kevin D. Goodknecht Sr. [MVP]

unread,
Jul 14, 2004, 1:18:13 PM7/14/04
to
In news:2cfad01c469c1$1a17d2b0$a501...@phx.gbl,

Clarke Weigle <anon...@discussions.microsoft.com> posted a question
Then Kevin replied below:
> Kevin-
>
> Thanks for responding, and I apologize for misusing the
> term "zone". When I look in the Cached Lookups within
> dns, and drill down to /.(root)/com/ I find the DNS domain
> JamesMPotato.com. This cached DNS domain is what was
> created and populated automatically by my nslookup
> queries.
>
> My question was really why does the DNS server appear to
> be case sensitive? I found on further testing that it was
> not just MX records, but A records as well. DNS seemed
> unable to find anything other than NS records until I
> changed the capital letters to lower case in my nslookup
> query (from JamesMPotato.com to jamesmpotato.com). Once
> it succeeded with the lower case lookup, dns had no
> problem resolving either query.

Hmm, this is a new one, DNS is not case sensitive, AFAIK DNS cannot be made
case sensitive, yet. I add the yet because IIRC there was once a thought
being thrown around of making DNS case sensitive to allow more domains in
each TLD. Of course this would be futile and would open a can of worms that
would stink to high heaven, to say the least.
Your DNS may be suffering from cache polution, make sure you have "Secure
cache from polution" checked on the Advnced tab.


--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps

anon...@discussions.microsoft.com

unread,
Jul 14, 2004, 1:47:00 PM7/14/04
to
Kevin-

The "Secure cache from pollution" setting was checked on
all 3 machines. I see that only one has automatic
scavenging of stale records selected.

Clarke

>.
>

Sharad Naik

unread,
Jul 14, 2004, 2:03:58 PM7/14/04
to
Well... quite a few months ago (may be more than 12)
I had once faced the same problem.
But at that time there were other issues too and the main
was the EDNS0 issue of win 2003 DNS. ( My win 2003 DNS server was behind a
third party firewall).
After I disabled EDNS probes, (and some other minor issues were taken care
of) everything was working perfect. I didn't do anything abt case sensitive
thing but it
got solved by itself (at least that's what I thought at that time,
"suddenly all problems solved")

Sharad

"Kevin D. Goodknecht Sr. [MVP]" <ad...@nospam.WFTX.US> wrote in message
news:OQVbOaca...@TK2MSFTNGP12.phx.gbl...

Kevin D. Goodknecht Sr. [MVP]

unread,
Jul 14, 2004, 2:05:35 PM7/14/04
to
In news:2d6f301c469ca$90a3a310$a301...@phx.gbl,
anon...@discussions.microsoft.com <anon...@discussions.microsoft.com>

posted a question
Then Kevin replied below:
> Kevin-
>
> The "Secure cache from pollution" setting was checked on
> all 3 machines. I see that only one has automatic
> scavenging of stale records selected.

The only setting that might affect the behavior is the Name checking
setting, but even that, I don't think will change the case sensitivity, it
is supposed to only affect the allowed characters.

http://www.microsoft.com/windows2000/techinfo/reskit/samplechapters/cncf/cncf_imp_tyhp.asp

Clarke Weigle

unread,
Jul 14, 2004, 2:40:52 PM7/14/04
to
Sharad-

Thanks! That seemed to be it, and we are behind a 3rd
party firewall as well. I turned off EDNS0 on the servers
and the problem evaporated! The command line fix I used
is posted in Microsoft Knowledge Base Article - 828263.

Clarke

Roger Abell

unread,
Jul 15, 2004, 10:50:26 PM7/15/04
to
That is bizarre.
Can someone explain for me how it is that the
all lower case usage worked ?

--
Roger Abell
Microsoft MVP (Windows Server System: Security)
MCSE (W2k3,W2k,Nt4) MCDBA
"Clarke Weigle" <anon...@discussions.microsoft.com> wrote in message
news:2d77701c469d2$1766acb0$a301...@phx.gbl...

RainmanJam

unread,
Jul 26, 2004, 2:13:34 PM7/26/04
to
"Roger Abell" <mvpN...@asu.edu> wrote in message news:<#7xAq9ta...@TK2MSFTNGP10.phx.gbl>...
http://support.microsoft.com/default.aspx?scid=kb;en-us;833975

This should fix the issue
Shannon Atkinson
Google Master.

0 new messages