[dns-operations] MX record scanning

Gilles Massen gilles.massen at restena.lu
Tue May 10 19:13:52 UTC 2011

On 10/5/11 13:53 , Antoin Verschuren wrote:

> If there should be a topic a DNS-CERT should handle, I think it's this
> one, as it needs coordination, and it clearly attacks or at least
> affects the DNS system as a whole. If DNS-OARC should wish to perform a
> task like this, this would be a start.

Frankly, I don't see this as any threat, or even attack, simply because 
the DNS is not targeted, only remotely involved. It suffers simply from 
the collateral effects of a probably well intended spam fighting 
measure. And as so often with well intended anti-spam measures, not only 
the spammer bears the cost.

But the bottom line is that this is a botnet trying to send spam. Hardly 
anything new, for CERTs business as usual. For helping the DNS there is 
a message to be passed to two parties. As I suspect that the spammers 
won't listen, get the 'good' guys to stop the random email generating pages.


Fondation RESTENA - DNS-LU

More information about the dns-operations mailing list