๐Ÿ’ฅ
Hall of Fame

Formatting Catastrophes

Zone files, RTF documents, and BIND syntax copy-pasted verbatim into TXT value fields. DNS is not a word processor.

9 records 0 critical
๐Ÿ“‹ Ctrl+C, ๐Ÿ” Cryptographic ๐ŸŒŸ Easter ๐Ÿฅš SEO ๐Ÿ’ฅ Formatting ๐Ÿ” Admin ๐ŸŒ DNS ๐ŸŒ€ Pure ๐Ÿ”ค One ๐Ÿค– The ๐Ÿบ Ancient
โšก medium citypropertyglasgow.co.uk

1. SRV record fields pasted as a flat TXT string

This user was instructed to create an SRV record for Microsoft Exchange autodiscover. Instead of using the dedicated SRV record type with the correct fields (Service, Protocol, Port, Host, Priority, Weight), they pasted the literal field labels and values as a single flat TXT record. Exchange autodiscover has never worked for this domain.

Service: _autodiscover Protocol: ._tcp Port Number: 443 Host: http://autodiscover.glasgow.gov.uk Priority: 0 Weight: 0
โšก medium 108properties.co.uk

2. Pasted full BIND zone file DMARC syntax into TXT value field

The TXT record contains the full BIND zone file line: `_dmarc.108properties.co.uk. IN TXT 'v=DMARC1...'`. Instead of entering just the DMARC policy value (`v=DMARC1; p=none`), the admin pasted the entire zone file entry including hostname, class, record type, and outer quotes. Mail servers receiving this record will not recognise it as a valid DMARC policy.

_dmarc.108properties.co.uk. IN TXT 'v=DMARC1; p=none; rua=mailto:dmarc@108properties.co.uk'
๐Ÿ“ low 027ltd.co.uk

3. Tried to command the internet via DNS TXT record

The admin tried to manually instruct the internet to create an ALIAS record by typing `027ltd.co.uk ALIAS apex-loadbalancer.netlify.com` into the DNS TXT value field. DNS doesn't work like a command line. The internet was unpersuaded.

027ltd.co.uk ALIAS apex-loadbalancer.netlify.com
๐Ÿ“ low apt-solutions.co.uk

4. Rich Text Format (RTF) document pasted into DNS

The admin drafted their DKIM key or verification token in Microsoft Word, then copy-pasted the raw Rich Text Format (`{rtf1ansiansicpg1252...}`) directly into the DNS TXT field. Word's invisible formatting codes are now globally distributed via DNS.

{rtf1ansiansicpg1252 {fonttblf0fnilfcharset0 ArialMT;} {colortbl;red255green255blue255;red0green0blue0;red255green255blue255;} deftab720 pardpardeftab720sl380partightenfactor0 f0fs28 cf2 cb3 expnd0expndtw0kerning0 outl0str...
๐Ÿ“ low aracs.co.uk

5. Pasted literal BIND zone file syntax into the value

The admin copy-pasted raw BIND zone file syntax (`aracs.co.uk IN TXT ...`) directly into the TXT record *value* field instead of just the value itself. The record now recursively references itself and is technically malformed.

aracs.co.uk IN TXT EA0462oIcJKrVXXYlqZMAHgQvhKvAPMcLYayukaP/PkQDJeBV+TEAQ7svu+mp3zcZvqL33GwpfoFwRgZs8jFrQ==
๐Ÿ“ low australiaoverland.co.uk

6. Full BIND zone syntax in TXT record value

Similar to aracs.co.uk, the full BIND zone file line was pasted verbatim: `_dnsauth.australiaoverland.co.uk. IN TXT "2023..."`. DNS resolvers will happily return this mangled text, which breaks downstream validation.

_dnsauth.australiaoverland.co.uk. IN TXT "2023abc-xyz-verification-token"
๐Ÿ“ low amtauto.co.uk

7. Full SSL Certificate Signing Request (CSR) in DNS

A full Certificate Signing Request (CSR) was pasted into the DNS TXT field โ€” chunked across multiple records due to the 255-char limit. The CSR itself is public information (it contains only the public key), but it is a spectacular example of using DNS as a general-purpose text storage system.

-----BEGIN CERTIFICATE REQUEST----- MIICWTCCAUMCAQAwGDEWMBQGA1UEAwwNYW10YXV0by5jby51azCCASIwDQYJKoZI hvcNAQEBBQADggEPADCCAQoCggEBAOm3FgXojmp9sgdgO+sLtK4SCLUXdAkB3FUB [...truncated...] -----END CERTIFICATE REQUEST-----
๐Ÿ“ low aparchitects.co.uk

8. Google Analytics tracking script pasted into DNS

A full Universal Analytics tracking snippet โ€” complete with the `(function(i,s,o,g,r,a,m)` IIFE โ€” was pasted into a DNS TXT record. Google Analytics has never and will never read a DNS TXT record. The script silently does nothing.

<script>(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)}(window,document,'script','https://www.google-analytics.com/analytics.js','ga'));</script>
๐Ÿ“ low 10treglynfarmcottages.co.uk

9. Attempted a CNAME apex redirect using a TXT record

The TXT record reads `apex=redirect5.promotemyplace.com` โ€” an attempt to configure a CNAME/ALIAS apex redirect using a raw text string. DNS resolvers do not read TXT records for routing instructions. This redirect has never worked. The website owner presumably wondered why their domain never pointed anywhere.

apex=redirect5.promotemyplace.com

Explore Other Categories

๐Ÿ“‹ Ctrl+C, Ctrl+V Disasters โ†’ ๐Ÿ” Cryptographic Nightmares โ†’ ๐ŸŒŸ Easter Eggs โ†’ ๐Ÿฅš SEO Hacks & Easter Eggs โ†’ ๐Ÿ” Admin Search History โ†’ ๐ŸŒ DNS โ‰  Website โ†’ ๐ŸŒ€ Pure Chaos โ†’ ๐Ÿ”ค One Character Away โ†’ ๐Ÿค– The AI Era โ†’ ๐Ÿบ Ancient Relics โ†’