[dns-operations] weird queries for mx1.mx2.mx1.mx2...
Petr Špaček
petr.spacek at nic.cz
Mon Mar 30 09:18:20 UTC 2020
Hello everyone,
while debugging some resolution problems we have notices really weird queries, seemingly related to e-mail delivery. This is query list for domain truckinsurancekentucky.com:
mx1.mx1.mx1.mx1.mx1.mx2.mx1.mx2.mx1.mta-sts.mx1.mx1.mx2.mx2.mta-sts.mx1.mx1.truckinsurancekentucky.com. AAAA
mx1.mx1.mx1.mx2.mx1.mx2.mx1.mx2.mx2.mx1.mx1.mx1.mx2.mx2.mx2.mx1.mx2.mx2.truckinsurancekentucky.com. A
mx1.mx2.mx1.mx1.mx1.mx1.mx1.mx2.mx1.mx1.mta-sts.mx1.mx2.mx2.mx2.mx1.truckinsurancekentucky.com. A
mx1.mx2.mx1.mx1.mx2.mx1.mx1.mx2.mx1.mx1.mx1.mx1.mx2.mx1.mx2.mta-sts.mx1.truckinsurancekentucky.com. NS
mx1.mx2.mx1.mx2.mx2.mx1.mx1.mx1.mx1.mx2.mta-sts.mx1.mx1.mx2.mta-sts.mx2.mx2.truckinsurancekentucky.com. AAAA
mx1.mx2.mx2.mx1.mx2.mx2.mx1.mx2.mx2.mx2.mx2.mx1.mx2.mx1.mx2.mx1.mx1.mx1.truckinsurancekentucky.com. A
mx2.mx1.mx1.mx2.mx1.mx1.mx1.mx2.mx2.mx2.mx2.mta-sts.mx1.mx2.mta-sts.mx1.mx2.mx1.truckinsurancekentucky.com. NS
mx2.mx1.mx2.mx1.mx1.mx2.mx1.mx2.mx1.mx2.mx1.mx1.mx1.mx1.mta-sts.mx1.mx2.mx2.truckinsurancekentucky.com. NS
mx2.mx2.mx1.mx1.mx1.mx2.mx2.mx2.mx1.mx2.mx1.mx1.mx1.mta-sts.mx1.mx2.truckinsurancekentucky.com. A
mx2.mx2.mx1.mx1.mx2.mx1.mx2.mx1.mx1.mta-sts.mx1.mx2.mx1.mx1.mta-sts.mx2.mx2.truckinsurancekentucky.com. AAAA
mx2.mx2.mx1.mx2.mx1.mx1.mx1.mx2.mx1.mx1.mx1.mx1.mx1.truckinsurancekentucky.com. AAAA
mx2.mx2.mx1.mx2.mx1.mx1.mx1.mx2.mx2.mx2.mx1.mx1.mx1.mta-sts.mx1.mx2.mx2.mx2.truckinsurancekentucky.com. A
Domain truckinsurancekentucky.com is not the only one with this weird behavior. Does anyone have an idea what is causing this?
(We have access only to anonymized data so we are unable to pinpoint responsible client.)
--
Petr Špaček @ CZ.NIC
More information about the dns-operations
mailing list