[dns-operations] Is this a DNS pollution?

Rich Greenwood rgreenwood at shastacoe.org
Wed Jul 24 17:05:47 UTC 2024 

Those resolvers are part of Cisco's Umbrella platform AKA OpenDNS and
provides filtering services via DNS.  It's possible that someone previously
had your IP associated with their OpenDNS account and you are getting their
filtering policies.  If you are on a dynamic IP, you can try releasing and
renewing the lease to get a different IP or just waiting.  The other
person's system should register their new IP with OpenDNS.  If this is a
static IP, I would set up an OpenDNS account and claim it, then you can
turn off the filtering.
--Rich

On Wed, Jul 24, 2024 at 9:36 AM Jeff Pang via dns-operations <
dns-operations at dns-oarc.net> wrote:

>
>
>
> ---------- Forwarded message ----------
> From: Jeff Pang <jeff at simplemail.co.in>
> To: DNS Operations <dns-operations at dns-oarc.net>
> Cc:
> Bcc:
> Date: Wed, 24 Jul 2024 09:14:52 +0800
> Subject: Is this a DNS pollution?
>  From my home isp I can't access the daum email correctly.
>
> I checked the DNS of imap/smtp via follows.
>
> $ dig smtp.daum.net
>
> ; <<>> DiG 9.10.6 <<>> smtp.daum.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8473
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;smtp.daum.net.                 IN      A
>
> ;; ANSWER SECTION:
> smtp.daum.net.          123     IN      A       157.240.8.41
>
> ;; Query time: 19 msec
> ;; SERVER: 208.67.222.222#53(208.67.222.222)
> ;; WHEN: Wed Jul 24 09:09:28 CST 2024
> ;; MSG SIZE  rcvd: 47
>
> $ dig imap.daum.net
>
> ; <<>> DiG 9.10.6 <<>> imap.daum.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8834
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;imap.daum.net.                 IN      A
>
> ;; ANSWER SECTION:
> imap.daum.net.          85      IN      A       108.160.163.106
>
> ;; Query time: 13 msec
> ;; SERVER: 208.67.222.222#53(208.67.222.222)
> ;; WHEN: Wed Jul 24 09:09:47 CST 2024
> ;; MSG SIZE  rcvd: 47
>
>
>
> I am certain that these two IPs are not the official IPs of daum.net.
> May I ask if this situation is due to DNS pollution? The public DNS
> parser I am using is 208.67.222.222, which is a service provided by
> Cisco.
>
> Do you know how to stop this happens?
>
> Thanks
>
> --
> regards,
> Jeff Pang
>
>
>
> ---------- Forwarded message ----------
> From: Jeff Pang via dns-operations <dns-operations at dns-oarc.net>
> To: DNS Operations <dns-operations at dns-oarc.net>
> Cc:
> Bcc:
> Date: Wed, 24 Jul 2024 09:14:52 +0800
> Subject: [dns-operations] Is this a DNS pollution?
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>


-- 
Rich Greenwood
Senior Engineer
Shasta County Office of Education

Information Technology

1644 Magnolia Ave.

Redding, CA 96001

Office: 530-225-0161

rgreenwood at shastacoe.org

Hotline: 530-225-0279

hotline at shastacoe.org

https://hotline.shastacoe.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20240724/cdcdc0d3/attachment-0001.html>

More information about the dns-operations mailing list