[dns-operations] weird queries for mx1.mx2.mx1.mx2...

Bob Harold rharolde at umich.edu
Mon Mar 30 20:02:32 UTC 2020


Almost looks like someone hiding binary code in the 1/2 values ...
But misconfiguration seems more likely.

-- 
Bob Harold


On Mon, Mar 30, 2020 at 3:16 PM John Levine <johnl at taugh.com> wrote:

> In article <02fe7bae-fec6-f314-b189-4214b75cef60 at nic.cz> you write:
> >This is query list for domain truckinsurancekentucky.com:
> >
> >
> mx1.mx1.mx1.mx1.mx1.mx2.mx1.mx2.mx1.mta-sts.mx1.mx1.mx2.mx2.mta-sts.mx1.mx1.truckinsurancekentucky.com.
> AAAA
>
> >Domain truckinsurancekentucky.com is not the only one with this weird
> behavior. Does anyone have an idea what is causing this?
>
> It sure looks like misconfigured mta-sts.
>
> That domain is dead, got another live one we could look at and see how
> it's configured?  Tnx.
>
> --
> Regards,
> John Levine, johnl at taugh.com, Primary Perpetrator of "The Internet for
> Dummies",
> Please consider the environment before reading this e-mail. https://jl.ly
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20200330/a19d5417/attachment.html>


More information about the dns-operations mailing list