Ask HN: Independently Recreate Zone Records?
Hi, we discovered that our registrar had nearly tripled our prices by adding thousands of dollars of services to our dozens of domains without permission (privacy, hosting, etc)
When we called them to ask when this was authorized, we were told they would refund up to three days' worth
So, we took one of the three accounts and moved all the domains off of it.
When we said we felt that it wasn't appropriate that they wouldn't tell us when the costs were authorized or refund us, and we'd already closed one account in protest, our other two accounts were locked, we were given the transfer codes, and we were told to hit the bricks
The thing is, the domains are complicated. There's a lot of records on them. And the registrar refuses to give us the zone records. This seems like a real problem.
Is there a tool to recreate the zone records from the outside using things like dig and nslookup?
We really don't have the ability to remake these domains by hand
This won’t help you solve your current problem, but perhaps may be helpful for you and any others reading this in the future:
I can’t recommend enough using a tool like dnscontrol [0] to manage your records. It allows you to keep your records in git and deploy changes to them in a controlled manner. Nightmares about situations like the one you’re in were what finally motivated me to implement dnscontrol ~10 years ago.
[0] https://github.com/StackExchange/dnscontrol
this is very interesting
Can you use the AXFR or IXFR command to list the zone?
Do you have e.g. a bind .jnl file of one of the NS behind the zone, because you can re-create the text form of the zone from the binary zone state in journal.
Do you know how to talk to the Registry, rather than a registrar, because you own the domain, and even under contract for service, its your name, not their name unless you signed a very awkward contract.
Do you have a lawyer? I think you need one.
> Can you use the AXFR or IXFR command to list the zone?
I don't know what this means.
> Do you have e.g. a bind .jnl file of one of the NS behind the zone, because you can re-create the text form of the zone from the binary zone state in journal.
I don't believe that I do. I just used the web interface to set the domains up.
> Do you know how to talk to the Registry, rather than a registrar, because you own the domain, and even under contract for service, its your name, not their name unless you signed a very awkward contract.
I don't
> Do you have a lawyer? I think you need one.
I guess I might have to get one?
I wish I could just get the zone files and leave. I don't want to create a fuss.
At this point, a Fuss is all you have. if the web lets you "add a nameserver" there's a path out where you get a nameserver somebody you trust runs, to get a copy of the zone, and use "bind" journal de-compile tools to see it in plaintext
Depending on how long you have had the zone, re-delegating it through another registrar may be timelocked. Its a bit of a shit-show.
You are on a steep learning curve or need consultant/contractor help (which btw I cannot do, sorry)
sorry to reply here, looks like i can't reply to your other comment because it's too deep
it's not that i "have a new registrar" per se
it's that when i go to a new registrar and say "hey, my old registrar is abusing me and won't give me the zone files, can you help" they say "just get the zone files" on customer service patrick star mode :(
i don't know, maybe i'm being unreasonable?
i just want to keep my domains up
if i have to go to a lawyer i will but i really don't want to, that sounds very expensive and i'm worried the old registrar will escalate if i do that
i just want my zone files so i can leave, you know?
I feel like all I really need is for the old registrar to provide the existing configuration files
The new registrar is happy to consume them directly and re-create them
ok. so if you have a new registrar, then there is a registry-registrar conversation here bound in an ICANN contract. You really need somebody in the new registrar, talking to the old registrar AND the registry, who is motivated to push buttons (metaphorically) to make the old registrar want to give the data up. I am pretty sure that the names, and associated records, are "yours" if its "your" zone. The contract for services outside of DNS which may lie behind those names "let us host your web for you" are different: you could wind up with your DNS zone, and your web offline because they manage that too. Not all "hosting" is DNS only.
If you have a new registrar, this situation shouldn't be unfamiliar to them..
Do you happen to know all of the hostnames / subdomains? Or can you scrape that from their web UI? Without the ability to transfer the zone or get the actual zone file, perhaps you can "export" each record with something like a "dig -t ANY host.example.com" for each record. Not fool proof, but better than nothing...
hostnames: yes. subdomains and similar things like txt records: no.
How many records are we talking about? Can you view them as a list in a web interface? If so and given no other alternatives, I’d try to scrape it out of their web UI.
about 50. no.
sounds like a pain! sorry your registrar isn't cooperating.
Where is your domain registrar? Are they in the US? (And are you in the US?) These folks are obviously scammers and you need to have a lawyer reach out to them.
both the us.
they're a giant corporation. i don't want to fight them. i just want to recover.
If you use TLS on the subdomains, they may all be the public Certificate Transparency logs.