[dns-operations] Why would an MTA issue an ANY query instead of an MX query?
postmaster at dtnx.net
Sun Jun 10 11:25:06 UTC 2012
On Jun 10, 2012, at 12:33, Dobbins, Roland wrote:
> On Jun 10, 2012, at 5:29 PM, <sthaug at nethelp.no> wrote:
>> One word: qmail. Google "qmail dns any query".
> If that's it, then would asking djb to change its behavior so as to issue TXT requests to look for SPF records make sense?
> I know that doesn't do anything for currently-deployed MTAs, but one has to start somewhere . . .
Asking DJB to change qmail behavior? ;-)
It's not just qmail, though. I bet there's some engineers who consider
it more efficient to do a single query to get all the data they want. A
lot of the 'ANY' queries we get originate at Google, HE etcetera.
Google is known to be obsessed with latency, for example, so I wouldn't
be suprised if they deliberately request ANY and then parse and cache
the results for a multitude of uses.
A single ANY query for a domain gives you the NS, MX, TXT and SPF
records, plus any A/AAAA record present. At scale, who knows, the
reduction in number of queries probably adds up.
And then there's the information harvesters, who query hosted domains
in sequence. They actually seem to account for around 40% of our
'normal' ANY traffic with just a few IP addresses.
More information about the dns-operations