Dean; > When you get an NXDOMAIN DNS protocol reply, the DNS protocol (RFC 1034, > etc) defines a specific meaning. Neither rfc1034 nor rfc1035 define "NXDOMAIN DNS protocol reply. > But when you don't get NXDOMAIN, there is > no meaning to be implied. This is a fact due to the inclusion of wildcard > records in the DNS protocol. Wrong. As is clearly stated in rfc1034: The general idea is that any name in that zone which is presented to server in a query will be assumed to exist, with certain properties, unless explicit evidence exists to the contrary. domain names matching a wildcard is assumed to exist. Masataka Ohta