My domain's DNS is still hosted with the company I registered it with. I’m planning to move it to a different company early next year. So when a friend asked me for a secondary nameserver exchange, I already set up the new DNS.

So my current setup is like this:

The primary and secondary nameservers are at my old provider, serving their copy of the DNS zone (which obviously lists their nameservers as NS).

The A and MX records point to my server, which will eventually also be the new master NS. This host has its own copy of the zone file, which agrees on the ‘regular’ entries, but lists my server as well as my friend’s two servers as NS. This is the only link from the domain to my friend’s servers. Let me emphasize this: neither my server nor my friend’s servers are currently listed in the .tld database. Their NS entries still point to the old provider’s servers. I’m planning to change that in January.

Now my friend told me that he had about 10 email delivery attempts to my domain in his logs, obviously coming from some spammers.

WTF? In order to link my domain to his server, you’d need to

  • find the official NS for my domain
  • look up my A or MX record (not the NS record!)
  • use this record as the new NS
  • look up an NS record, using my new NS
  • use this NS record as MX

What is the reason to jump through all those hoops? Do many admins configure a secondary NS to be an unlisted, unprotected relay for incoming email?

Is it common for secondary NS to receive random emails from spammers?
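
The lookup chain from the list above, as an added example that is not part of the original post: it walks constructed zone data (every host name is a placeholder, and `ZONE_COPIES`, `query` and `exposed_hosts` are hypothetical names) and reports which hosts are named as NS only by the un-delegated zone copy. Those are the machines where SMTP attempts for the domain can show up, so they are the ones to check for a listening, accepting mail service.

```python
# Constructed sample data: the records each server would answer with for
# example.org. Names are placeholders, not values from the original post.
DELEGATED_NS = ["ns1.oldprovider.example.", "ns2.oldprovider.example."]  # .tld view

ZONE_COPIES = {
    # Old provider: official copy, lists its own servers as NS.
    "ns1.oldprovider.example.": {"NS": DELEGATED_NS, "MX": ["host.example.org."]},
    "ns2.oldprovider.example.": {"NS": DELEGATED_NS, "MX": ["host.example.org."]},
    # Author's server: un-delegated copy that already lists the new NS set.
    "host.example.org.": {
        "NS": ["host.example.org.", "ns1.friend.example.", "ns2.friend.example."],
        "MX": ["host.example.org."],
    },
}


def query(server, rtype, copies=ZONE_COPIES):
    """Records of type rtype that `server` serves for the zone ([] if it serves none)."""
    return copies.get(server, {}).get(rtype, [])


def exposed_hosts(delegated, copies=ZONE_COPIES):
    """Hosts reachable only through the un-delegated zone copy.

    Follows the chain from the post: delegated NS -> MX target -> ask that
    target for NS -> every NS name that is neither delegated nor a mail host.
    """
    official = set(delegated)
    # Steps 1-2: ask the delegated servers where mail for the zone goes.
    mail_hosts = {h for ns in delegated for h in query(ns, "MX", copies)}
    # Steps 3-4: treat each mail host as a name server and ask it for NS.
    shadow_ns = {ns for h in mail_hosts for ns in query(h, "NS", copies)}
    # Step 5: what remains are hosts with no published link to the domain.
    return sorted(shadow_ns - official - mail_hosts)


if __name__ == "__main__":
    for host in exposed_hosts(DELEGATED_NS):
        print(f"{host}: named only by the un-delegated copy; verify it rejects mail")
```
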