In article <20200331092538.gy41...@straasha.imrryr.org> you write: >> mx1.mx1.mx2.mx2.mx2.mx1.mx2.mx1.mta-sts.mx2.mx1.mx1.mx2.mx2.mx2.mx1.mx2.maxonsoftware.com. >> A >> >> mx2.mx1.mx2.mx1.mx1.mx2.mta-sts.mx1.mx2.mx2.mx1.mx2.mx1.mx2.cineversityoneonone.net. >> A >> >> mx2.mx1.mx1.mx1.mx2.mx2.mx2.mta-sts.mx1.mx2.mx1.mx1.mta-sts.mx2.mx2.mx2.effluentialtechnologies.net. >> A > >The DNS for these domains is busted, the servers return NoError >responses, no answer, authority or additional records other than OPT...
Try asking for A records for *.cineversityoneonone.net and you'll get one, that points to a live web server. They're wildcarded and point it returns a page that says deletion is pending for any URL, including mta-sts.<anything>.<domain>/.well-known/mta-sts.txt It looks like someone's mta-sts checker does not deal well with a big blob of html and javascript when it's expecting three lines of ASCII. It's clearly a bug, not malicious but I do wonder who it is. Perhaps I can set up a broken domain like that and see who comes visiting. -- Regards, John Levine, jo...@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations