Messages Log lots of MX Record Errors

LeadDogGraphics

Well-Known Member
Feb 25, 2012
97
1
58
West Palm Beach, FL
cPanel Access Level
Root Administrator
In my message log file I have the following errors over and over.

Mar 13 13:48:44 server2 named[3516]: client 39.47.180.125#16875: query (cache) 'alt2.aspmx.l.google.com/A/IN' denied
Mar 13 13:48:45 server2 named[3516]: client 39.47.180.125#16882: query (cache) 'aspmx2.googlemail.com/A/IN' denied
Mar 13 13:48:45 server2 named[3516]: client 39.47.180.125#16894: query (cache) 'aspmx3.googlemail.com/A/IN' denied
Mar 13 13:48:45 server2 named[3516]: client 39.47.180.125#16903: query (cache) 'aspmx4.googlemail.com/A/IN' denied
Mar 13 13:48:46 server2 named[3516]: client 39.47.180.125#16918: query (cache) 'aspmx5.googlemail.com/A/IN' denied
Mar 13 13:48:46 server2 named[3516]: client 39.47.180.125#16928: query (cache) 'aspmx.l.google.com/A/IN' denied
Mar 13 13:48:46 server2 named[3516]: client 39.47.180.125#16937: query (cache) 'alt1.aspmx.l.google.com/A/IN' denied

Now I have researched this and found it is a harmless notification, but it makes the log very difficult to find actual real issues. Is there a way to either not log those entries, block the offending ip addresses as they are probably spammers anyway, or adjust the logscanner/logwatch from CSF to not pick up those entries?

I'm on the downeaster alexa - DNS Misconfigs for fun and profit: How to get the most from your DNS logs, part 1

This page has some very good insight on it, and also a script solution at the bottom but I have no idea how to implement it. Could someone please advise?
 

LeadDogGraphics

Well-Known Member
Feb 25, 2012
97
1
58
West Palm Beach, FL
cPanel Access Level
Root Administrator
Have you disabled recursion to nameservers. Please refer to how to disable recursive queries in bind | e r i k i m h d o t c o m for how to disable recursion to nameservers.
Thank you for that info, after doing a followup search on here regarding the disable recursion, i found this thread, with the last post warning not to do this update.

http://forums.cpanel.net/f5/dns-server-recursive-lookups-bad-50450.html

Any ideas why using this method vs the one described in your post is bad?