Something on your network is trying to convert 116.00.204.x and
88.165.16.x addresses to names, presumably because they are seeing
traffic from those addresses. In both cases there appears to be
broken delegations involved.

REFUSED usually means that the server is not configured for the
zone.

SERVFAIL usually means that the server is configured for the zone
but doesn't have a current copy.

You could use whois to try to contact the administrators of these
zones to correct the servers or remove the delegations.

Mark

Hello Mark,
Thank you for your answer. I'm not sure I've understood everything but I'll read it numerous times if necessary.I have ACLs so I'm not surprised to see these REFUSED, I also understand the SERVFAIL meaning.
I'm just trying to figure out where the problem comes from.You seem to point out a device which should be on my network and who queries a PTR (something like a mail server which want to check the domain of the user who sent the email)

What I didn't understand is"You could use whois to try to contact the administrators of these zones to correct the servers or remove the delegations."You mean this one "x.204.99.116.in-addr.arpa" which appeared in my logs ?
Regards
Something on your network is trying to convert 116.00.204.x and
88.165.16.x addresses to names, presumably because they are seeing
traffic from those addresses.  In both cases there appears to be
broken delegations involved.

REFUSED usually means that the server is not configured for the
zone.

SERVFAIL usually means that the server is configured for the zone
but doesn't have a current copy.

You could use whois to try to contact the administrators of these
zones to correct the servers or remove the delegations.

Mark

Thank you guys for your answers.
Your ACL is not relevant. The REFUSED response is coming from the server
the reverse zone is delegated to.
The problem comes from bad reverse DNS delegations of remote addresses.
Unfortunately, this has always been very common.
whois -h whois.apnic.net 116.99.204.0

role:          VIETEL IPADMIN GROUP
address:        1 Tran Huu Duc, My Dinh, Tu Liem, Hanoi
country:        VN
phone:          +84-9-83000456
fax-no:        +84-4-38460486
e-mail:        ***@viettel.com.vn
remarks:        send spam and abuse report to ***@viettel.com.vn

whois 88.165.16.0

role:          Administrative Contact for ProXad
address:        Free SAS / ProXad
address:        8, rue de la Ville L'Eveque
address:        75008 Paris
phone:          +33 1 73 50 20 00
fax-no:        +33 1 73 92 25 69
remarks:        trouble:      Information: http://www.proxad.net/
remarks:        trouble:      Spam/Abuse requests:
mailto:***@proxad.net
admin-c:        APfP1-RIPE
tech-c:        TPfP1-RIPE
nic-hdl:        ACP23-RIPE
mnt-by:        PROXAD-MNT
abuse-mailbox:  ***@proxad.net
created:        2002-06-26T12:46:56Z
last-modified:  2013-08-01T12:16:00Z
source:        RIPE # Filtered
--
Barry Margolin
Arlington, MA

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
bind-***@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users