Comment 14 for bug 1500683

I'm curious whether this affects *.maas, when in fact the MAAS server itself is primary for that domain. In other words, the request should not ever hit the forwarder, should it?

Or does BIND do a root check anyway to ensure that we are indeed allowed to be primary for that TLD?

If we are, is there a way to say "this is not an official TLD" that wouldn't trigger the problem?