As I understand it, Windows DNS has a problem with its recursion (being attacked recently). But if you turn it off, and turn off internet access (forwarders). Is there a way to turn off recursion, and still allow the DNS server to use the root hint servers? Other DNS servers?
If, as I suspect, the answer is no. Is there a way to disable recursion, but still allow certain domains (say domains that I control) to resolve. As an example;
DomainA.edu is prod
DomainB.edu is test
I don't really care if DomainB can see google, but I do want DomainB too be able to resolve DomainA. There is no Active Directory or other connection between the domains.
Can I do an import of DomainA or something to that effect (A manual zone transfer say)