I’m managing a small VPS that hosts sites to a couple of domain names. Let’s say that one of those is example.com.

For many months now, someone I don’t know has made their domain name a full alias to my domain: every DNS requests to their domain gets the same answer: IN CNAME example.com. Which means that everyone trying to connect to their domain, will connect to our VPS.

So now we are getting a lot of connection and login attempts, web requests and all of that which aren’t intended for us. And there’s nothing we can do to stop this from happening. Unfortunately their domain is targeted by its own amount of spiders, bots etc. Costing traffic and resources, sometimes a few, sometimes a lot.

So I wish there was a way to invalidate this CNAME from my own domain. Maybe with something like SPF does for email – SPF is a DNS TXT record in which you specify the hosts and/or IPs that are allowed to deliver email from your domain.

If this would be possible for CNAMES – specifying which other domains (or variants of that) are allowed to point to a target domain, “CNAME abuse” (for lack of a better term) like I’m seeing could be quashed.