DNS Traffic question

["Di Fabio, Andrea" <adifabio () NSU EDU>]

Experts,



Our DNS servers appear to generate a very large amount of type A queries for
ns2.accountfields.com and ns1.accountflieds.com every day



Such queries are the top 1 and 2 of all our DNS queries every day,
surpassing the third query by a factor of a least 2.  both name of the
accountfields servers seem to point to address 0.0.0.0 and the queries seems
to generate as a response from various .in-add.arpa coming from our mail
exchange servers (possibly from spam?)



1.       Is anyone else seeing the same behavior?

2.       Has anyone looked at it in more depth?



Thanks.

Attachment: smime.p7s
Description: