[dns-operations] Why would an MTA issue an ANY query instead of an MX query?

Kyle Creyts kyle.creyts at gmail.com
Sun Jun 10 21:52:03 UTC 2012


Wouldn't an ANY query to a recursive ONLY return the cached records?

On Sun, Jun 10, 2012 at 11:26 AM,  <sthaug at nethelp.no> wrote:
>> "Not supporting"
>> ANY queries would also have side effects - simply dropping the
>> query maks the authoritative server appear unresponsive to the
>> recursive server initiating the query.
>
> Note that in many cases the server receiving the ANY query is a
> recursive server, not an authoritative server.
>
> For instance, the ISP I work for runs several recursive servers. Those
> recursive servers are only available to the ISP's customers. Even so,
> those recursive servers are contributing to DDoS attacks - because so
> many of the *clients* are either CPEs with a DNS proxy open from the
> WAN side, or customers' general open recursive servers which use the
> ISP recursive servers as forwarders.
>
> Steinar Haug, Nethelp consulting, sthaug at nethelp.no
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs



-- 
Kyle Creyts

Information Assurance Professional
BSidesDetroit Organizer



More information about the dns-operations mailing list