search

publicsuffix / list

The Public Suffix List
https://publicsuffix.org/
Mozilla Public License 2.0
2.05k stars 1.22k forks source link

Some NXDomain entries that should be de-listed #1746

Closed vdukhovni closed 1 month ago

vdukhovni commented 1 year ago

The suffixes below don't exist:

me.vu
blog.vu
dev.vu
us.kg
nyan.to
blog.gt
at.md
app.gp

[ Reproducer:

$ for zone in me.vu blog.vu dev.vu us.kg nyan.to blog.gt at.md app.gp; do dig +noall +comment +question -t soa $zone; done | grep -E 'HEADER|SOA'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5773
;me.vu.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 24903
;blog.vu.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23178
;dev.vu.                                IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 22936
;us.kg.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45346
;nyan.to.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44082
;blog.gt.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 9568
;at.md.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46026
;app.gp.                                IN      SOA

]

The below ServFail SOA lookups, and are therefore unlikely public suffixes:

to.md
us.ax
de.md
blog.kg
neko.am
es.ax
eu.ax
ch.tc
tv.kg

[ Reproducer: 

$ for zone in to.md us.ax de.md blog.kg neko.am es.ax eu.ax ch.tc tv.kg; do dig +noall +comment +question -t soa $zone; done | grep -E 'HEADER|SOA'
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 11893
;to.md.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 32794
;us.ax.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 43243
;de.md.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 15513
;blog.kg.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23054
;neko.am.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41333
;es.ax.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56421
;eu.ax.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 6834
;ch.tc.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39922
;tv.kg.                         IN      SOA

]

dnsguru commented 1 year ago

This is helpful that you have done this testing, as submitters often stop engagement related to their entries once they get them added, and then never clean up after themselves, leaving "debris".

Your volunteer help is appreciated.

For transparency, especially because we are removing entries, could you please include the command and output per domain, as well as the nameserver checked?

The objective is that anyone could repeat the same command and get the same result, so that it is abundantly clear why entries were removed.

On Wed, Apr 26, 2023, 9:49 AM Viktor Dukhovni @.***> wrote:

The suffixes below don't exist:

me.vu blog.vu dev.vuus.kgnyan.toblog.gt at.mdapp.gp

The below ServFail SOA lookups, and are therefore unlikely public suffixes:

to.mdus.ax de.mdblog.kgneko.ames.axeu.axch.tctv.kg

— Reply to this email directly, view it on GitHub https://github.com/publicsuffix/list/issues/1746, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACQTJLHGDL3PRVWN2TGSUDXDFGYFANCNFSM6AAAAAAXMWRQCI . You are receiving this because you are subscribed to this thread.Message ID: @.***>

vdukhovni commented 1 year ago

Commands to reproduce observations added.

dnsguru commented 1 year ago

Made small tweak to force use of 8.8.8.8 on the lookup to force a public resolver in replication

for zone in me.vu blog.vu dev.vu us.kg nyan.to blog.gt at.md app.gp; do dig +noall +comment +question -t soa $zone @8.8.8.8; done | grep -E 'HEADER|SOA'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62134
;me.vu.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44568
;blog.vu.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 55489
;dev.vu.                                IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36202
;us.kg.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65425
;nyan.to.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49255
;blog.gt.                       IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39299
;at.md.                         IN      SOA
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12597
;app.gp.                                IN      SOA
dnsguru commented 1 year ago

duplicated empty results - confirmed this from 4 different hosts on 4 different providers using 4 different public resolvers.

dnsguru commented 1 year ago

Hi community, please make a pull request for these changes

dnsguru commented 1 year ago

this appears to be tied to #1741

dnsguru commented 1 year ago

1755 tied to this;

groundcat commented 1 month ago

@simon-friedberger All these domains have been removed (or updated) from the PSL, so I believe this issue may be closed.