We've had a rash of servers getting bogus IP addresses lately and all of them are using the same DNS server. That DNS server is running on AIX 5.3 MR 3. The DNS server is set up to forward to another set of DNS servers if it cannot resolve the address that is being searched for. The AIX DNS server is a subdomain, the 'forwarders' are in the parent domain.

aaa.bbb.com <<< AIX
bbb.com <<< forwarders

If you search for something, without a domain supplied, and the DNS server doesn't know about it, it will respond with a bogus IP. For instance, if I search for blahblah and the DNS server knows nothing about it, then it will respond with an address of 204.251.15.190, even if it is in the parent domain bbb.com. I would expect it to say 'couldn't find that address'.

If I update /etc/resolv.conf to include 'search bbb.com' then I will get the correct response for the address.

I've checked out the config files for the DNS server and can't find the bogus IP in them anywhere, which makes this more confusing...

Help???

I think your 'parent' ISP is one of those braindead ISPs, who configure their DNS servers so that when they get a query for a non-existing domain name, they send you to some ad site (instead of replying with a "no such domain" message, as they should). Just surf to that IP address and it should be obvious. Sadly, this is becoming more and more standard practice...

So basically, there's nothing wrong with your set-up.
Best thing to do is complain to your ISP, tell them they violate RFC standards and engage in the general detriment of the world wide web; or even better switch to another ISP and tell your current one why you took your business elsewhere

Best regards,
nukkel