[dns-operations] asking the European a-k.cctld.us servers for MX records

Thomas Mieslinger miesi at pc-h.de
Wed Mar 27 18:39:39 UTC 2013

On 03/27/2013 04:48 PM, Chris Thompson wrote:
 > On Mar 26 2013, Thomas Mieslinger wrote:
 > [...]
 >> When doing a dig MX soderman.us @a.cctld.us in Europe  I get no
 >> answer at all.
 > [...etc...]
 > This seems to be fixed now, at least as seen from here.
 > Does anyone know any details of how it happened in the first place?
 > Blocking MX queries (only) seems quite a strange thing for even the
 > usual run of idiot firewall software to be doing.

Hi Chris,

thanks for your interest in this strange case. I got this email from 
neustar technical support:

We have corrected the issue that was blocking email/MX queries to US 
domain names from Europe.

Neustar had noticed a MX spike in it's servers in Europe over the 
weekend, and to stop any negative effects, we placed those servers in 
mitigation. We have modified the mitigation to block all inbound MX 
queries from recursive servers with the recursive bit turned off, and 
all email from Europe to .US domain names will now be delivered correctly.

Are we already in a time where everybody uses facebook, google+, linked 
in or whatever to communicate? I think that it was very bad decision to 
prohibit europe from sending emails to .us domains. Will they block SRV 
the next time? Disabling VoIP and various instant messengers?


More information about the dns-operations mailing list