I’ve recently moved DNS for a domain to Cloudflare - eventually the plan is to use the WAP in front of several services. Right now, the account is on the ‘free’ plan and I’m doing ‘dns-only’ for all the important addresses. I’m doing it this way to make migration smoother and more predictable.
For historical reasons, the domain had a DNS wildcard *.example.com. Those historical reasons are long past, and when I changed nameservers to Cloudflare, I didn’t include the wildcard record. Looking at a few weeks of query logs on my very old servers, I thought I had a good list of all the domain names I needed to support with no wildcard.
Over the weekend, I discovered one more and have added a CNAME for it.
I can see the NXDOMAINs are still happening sporadically (analytics->DNS) for some hostnames, which are probably names that shouldn’t exist, but I can’t tell from that data. Is there some way to see what names are being queried for that are generating these NXDOMAIN responses? It may be that there is some infrequently used name that I need to support whose failure is non-obvious (e.g. over the weekend our monitoring system tried to send email from a non-existent hostname, getting blocked by some spam engines).
Can I see the queries that generate the NXDOMAIN responses for my domains?