I query my domain name with my web host's nameservers and get the correct DNS info returned stating it is authoritative.
I query my domain name to other web hosts' nameservers (unrelated to the operation of my domain name) and get the correct DNS info returned stating it is non-authoritative.
I query my domain name to a handful of nameservers (unrelated to me) and do NOT get the correct DNS info returned. Instead the DNS info returned references another company with host names and IP addresses that are unknown to me?
Is there any legitimate reason this should occur?
Is it a coincidence that my purpose of querying these few nameservers in the first place was investigating the source origin of malicious spam to my domain names? Anyone with DNS knowledge please apply your expertise on this! Thanks!
What do I call malicious? Well, that's why I am glad to get some input from others here, because I am no DNS expert. It is my logic that any nameserver that returns DNS data for my active domain names should return the proper DNS configuration as set up in the authoritative DNS records I created. There seems no logical (or legitimate) reason that I can think of that these handful of nameservers I have found should be returning someone else's DNS configuration associated with my active domain names. I stumbled upon these particular nameservers while investigating malicious email that was being sent using my domain information forged in the mail headers as the source sending mail server (i.e. helo=mydomainname.com). Considering this factor, this all seems the more suspicious to me? This is also not just affecting my domain names. About 80% of the random domain names I made queries to these nameservers return this same DNS information for someone else? I'll do one now!
If I perform a query of this site's domain name [webmasterworld.com] with the nameserver ns1.swbell.net, the DNS information returned is the same as my domain names. Server names and IP addresses not related in any way to the operation of our domain names?
Again, I am no expert, but it would seem logical to me that anyone requesting my domain names (or this forum's) with this nameserver will be taken somewhere other than where they should be? This is my concern of malicious or fraudulent activity in regards to this matter. Keep the input coming! Thanks!
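
An added example, not part of the original posts: the comparison described above (an authoritative answer, a matching non-authoritative answer, and an answer pointing at unrelated addresses) done on raw DNS responses by reading the AA header flag and the A records. The function names, `example.com`, the `resolver-*.example` server names and the RFC 5737 addresses are all constructed for illustration; live use would feed in the bytes received from each queried server.

```python
import struct
A, IN, AA_BIT = 1, 1, 0x0400  # record type A, class IN, "authoritative answer" header flag

def build_response(name, addrs, aa):  # constructs sample wire-format data only
    flags = 0x8000 | 0x0100 | (AA_BIT if aa else 0)  # QR + RD (+ AA)
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"
    msg = struct.pack("!6H", 0x1234, flags, 1, len(addrs), 0, 0) + qname + struct.pack("!2H", A, IN)
    for a in addrs:  # each answer's owner name is a compression pointer to offset 12
        msg += b"\xc0\x0c" + struct.pack("!2HIH", A, IN, 300, 4) + bytes(map(int, a.split(".")))
    return msg

def skip_name(msg, off):  # offset just past a (possibly compressed) domain name
    while msg[off]:
        if msg[off] & 0xC0 == 0xC0:  # a pointer ends the name
            return off + 2
        off += msg[off] + 1
    return off + 1

def parse_response(msg):
    """Return (aa_flag, set of A-record addresses) from a DNS response."""
    _id, flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4  # skip QTYPE and QCLASS
    addrs = set()
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack_from("!2HIH", msg, off)
        off += 10
        if (rtype, rclass, rdlen) == (A, IN, 4):
            addrs.add(".".join(map(str, msg[off:off + 4])))
        off += rdlen
    return bool(flags & AA_BIT), addrs

def classify(baseline, msg):
    """Compare one server's answer with the authoritative baseline: (verdict, aa, addresses)."""
    base_aa, expected = parse_response(baseline)
    if not base_aa:
        raise ValueError("baseline response lacks the AA flag")
    aa, addrs = parse_response(msg)  # sets ignore round-robin ordering
    return ("match" if addrs == expected else "MISMATCH", aa, sorted(addrs))

# Constructed sample data: example.com and RFC 5737 documentation addresses.
BASELINE = build_response("example.com", ["192.0.2.10"], aa=True)
SAMPLES = {"resolver-a.example": build_response("example.com", ["192.0.2.10"], aa=False),
           "resolver-b.example": build_response("example.com", ["198.51.100.7", "198.51.100.8"], aa=True)}
for server, msg in SAMPLES.items():
    print(server, *classify(BASELINE, msg))
```

A `MISMATCH` result with the AA flag set means that server is asserting its own authority for the name rather than relaying the delegated zone's data, which is the case worth recording and following up with the server's operator.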