I have a domain and I am using dnsmadeasy for the DNS. I have noticed the queries are up in the millions each month for records I don't even have. So is it okay to do a wildcard A record such as *.mydomain.com, make the TTL high and point it to 0.0.0.0, so that the queries are cached by whoever is doing them and won't be done as often? Or will this generate some kind of security problem or other?
That sounds like a bad idea for several reasons.
First of all, negative results not only can be cached but normally are cached (with a TTL based on the SOA MINIMUM value). Do check this value and consider raising it if it is low.
Then there's also the aspect of what adding a wildcard address record will do, and in this case a bad A record. The main problem I see here is that it breaks error handling. I.e., instead of the client application knowing that the name doesn't exist and bailing out, it will try to connect and get a less obvious error.
Even if the large amount of queries appear illegitimate and you don't necessarily care what happens, it will obviously affect everyone, including legitimate clients that, through mistakes or otherwise, are resolving a bad name.
Worth noting about using 0.0.0.0 as a destination address is also that on some systems this will work as loopback.
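
One way to do the SOA MINIMUM check the answer recommends, as an added example that is not part of the original answer: it parses the SOA record returned with an NXDOMAIN response and computes the negative-caching TTL as defined in RFC 2308. The zone name, record values and the 3600-second target are constructed for illustration.

```python
import re

# Constructed sample: authority section as printed by
#   dig +noall +authority nosuchname.example.com @<authoritative server>
# Ask the authoritative server directly; a caching resolver shows a
# counted-down TTL instead of the configured one.
SAMPLE_AUTHORITY = """\
; constructed sample output
example.com.  3600  IN  SOA  ns0.example.com. hostmaster.example.com. 2024010101 14400 3600 1209600 180
"""

SOA_LINE = re.compile(
    r"^(?P<owner>\S+)\s+(?P<ttl>\d+)\s+IN\s+SOA\s+(?P<mname>\S+)\s+(?P<rname>\S+)\s+"
    r"(?P<serial>\d+)\s+(?P<refresh>\d+)\s+(?P<retry>\d+)\s+(?P<expire>\d+)\s+"
    r"(?P<minimum>\d+)\s*$"
)
NUMERIC = ("ttl", "serial", "refresh", "retry", "expire", "minimum")

def parse_soa(text):
    """Return the first SOA record found in dig-style output as a dict."""
    for line in text.splitlines():
        match = SOA_LINE.match(line.strip())
        if match:
            rec = match.groupdict()
            rec.update({key: int(rec[key]) for key in NUMERIC})
            return rec
    raise ValueError("no SOA record found")

def negative_ttl(soa):
    """RFC 2308: NXDOMAIN is cached for min(TTL of the SOA record, SOA MINIMUM).
    Resolvers may additionally clamp this with a local maximum."""
    return min(soa["ttl"], soa["minimum"])

def max_queries_per_day(neg_ttl):
    """Upper bound on repeat queries per resolver, per non-existent name, per day."""
    if neg_ttl <= 0:
        return None  # the negative answer is not cached at all
    return -(-86400 // neg_ttl)  # ceiling division

if __name__ == "__main__":
    soa = parse_soa(SAMPLE_AUTHORITY)
    current = negative_ttl(soa)
    print(f"negative TTL now: {current}s, "
          f"up to {max_queries_per_day(current)} queries/resolver/name/day")
    # Assumed target of 3600 s; the SOA record's own TTL must be at least as high.
    raised = negative_ttl(dict(soa, minimum=3600))
    print(f"with MINIMUM=3600: {raised}s, "
          f"up to {max_queries_per_day(raised)} queries/resolver/name/day")
```

Raising MINIMUM has no effect if the SOA record's own TTL is lower, since the smaller of the two values applies.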