September 1st, 2011, 03:08 PM
GoDaddy has a new "Selective DNS Blackouts" policy
For those that have not heard, GoDaddy has a new policy (as of July, 2011) that lets them block DNS packets from high-volume DNS servers. It affects domains using GoDaddy's DNS hosting (if your NS records have 'domaincontrol.com' in them, you're affected).
Two such sites that are affected by this are a niche search engine that is in development, and a project that keeps track of statistics on domains. Sites like these that are blocked by GoDaddy's new policy will be unable to include domains using GoDaddy's DNS hosting (except domains owned by GoDaddy, which are exempt from the Selective DNS Blackouts policy).
So keep this in mind if there is some odd glitch with your domain. For example, if they block the DNS servers of a company that sends an extreme amount of E-mail, any E-mails to domains using GoDaddy DNS hosting will not be delivered. Or, if in general just about everyone can reach your website without problems, but now people from a specific country or using the same Internet provider cannot reach your site, this could explain it.
Alternatively, if you run a DNS server that does a high volume of lookups (other than a standard recursive DNS server), and you experience a lot of DNS failures, you should check to see if packets sent to the 18.104.22.168/26 or 22.214.171.124/26 IP ranges are blocked.
September 1st, 2011, 03:45 PM
I haven't heard that yet. I work for an email hosting company but we haven't been blocked yet. We probably don't send enough queries to their domains though. Was there an article on that somewhere or a link? I did a quick search but didn't really see anything.
September 3rd, 2011, 02:40 PM
There is an article at rscott.org/dns/GoDaddy_Selective_DNS_Blackouts.htm .
Originally Posted by CaptPikel
GoDaddy's PR department did finally respond. The forums won't let me post the quote, but you can find it via the link above.
It is a nearly a verbatim copy of their WHOIS blocking policy. I'm not sure if they understand that while blocking WHOIS access is simply inconvenient for most people (and desired by many), DNS is mission critical, and I've never heard of someone with a domain wishing that DNS to their domain could be blocked.
They admitted that several of their DNS servers had been under attack in July, so one possibility is that they just cannot deal with the extra load, and chose to block some legitimate DNS queries to deal with it. It would be surprising, though (as you think they would reach out first before blocking in that case).