subject:"\[mailop\] No MX records for mail.mil"

Re: [mailop] No MX records for mail.mil

2018-05-03 Thread Jim Popovitch via mailop

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

On Thu, 2018-05-03 at 09:33 -0500, Frank Bulk wrote:
> This doesn’t look so good, though:
> http://dnsviz.net/d/mail.mil/dnssec/

but this did:
http://dnsviz.net/d/mail.mil/WsaG2w/dnssec/
 
and before that there was:
http://dnsviz.net/d/mail.mil/WusxjQ/dnssec/

This flip-flop behaviour on mail.mil has been going on for more than a
year.  I'm going to guess that the responsible contractor doesn't know
what they're doing.  :-)

- -Jim P.
-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEPxwe8uYBnqxkbORSJxVetMRaJwUFAlrrM0wACgkQJxVetMRa
JwV3ExAAnEIcG1kmh4NWuuloJ/jaoMoaKMtMUfyOx0QAGXzkPAl6BXMoVojxGupg
M+u951aSYjr0MZelpxyLjMnHXBKwHsUFUkgurT9q7G/fktnUUSDatSUIpZ0YnM/V
4tdCBjp4r0UvK93IAC+JzMLs5RrZ/qX6xwKXO+3eO7BXnHI3jOhW9YRPkJKSwV0f
T7H5oxh69Zz2dQazlGMThMuU99E04T+P7Nt3RS0xxNkahEeQbqzi5jLfsZtgBOZm
mhdW705pcs5gM2GeUvaafazuFgkV4+88fd+kjx4xrbWu0xPfCs5xfGLYNZZnDn27
SttcGFqvZYwI3HIriVFYMF+rQPU8oNdDx1dkBtpKb0LTeMCZCJQOGxX91EEVjk+t
IODTTZIhLZnBAsLHwUOeU0/KaF5r6fr8QUPRd0Mt8BmYwNNk4DeQlHCmmUxLNJol
nDWkRMfYOveogOID4wJK0czCw5uAPrmVaxXG3ZUCmAPHjGqJwOh31XDNTfzdIZ5E
U3PPTUzIoIGQJbmYysiIdbehydtHXJWFtakTPIfaa7f7UMZvlf4NXflqdm2mwhBe
TKZpjbdzMc3qxHsXtcxT5pufi3nLOTnP91iHbYU0SPnSrQWO3ThebR7RuFl48AG2
O5XrmaNRuNuKJFE3UVjxTOM3qkKDYdNGC6VS9dZHaaPurWi6los=
=pUnj
-END PGP SIGNATURE-


___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] No MX records for mail.mil

2018-05-03 Thread Vick Khera

On Thu, May 3, 2018 at 10:33 AM, Frank Bulk  wrote:

> This doesn’t look so good, though:
>
> http://dnsviz.net/d/mail.mil/dnssec/
>
>
>
>
>
Yes, that looks bad :(

I have to learn more how to query/interpret my dns server's DNSSEC output,
or make it more strict.
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] No MX records for mail.mil

2018-05-03 Thread Frank Bulk

This doesn’t look so good, though:

http://dnsviz.net/d/mail.mil/dnssec/

 

Frank 

 

From: mailop <mailop-boun...@mailop.org> On Behalf Of Vick Khera
Sent: Thursday, May 03, 2018 9:00 AM
To: mailop@mailop.org
Subject: Re: [mailop] No MX records for mail.mil

 

My own office resolver running unbound has DNSSEC enabled with strict checking, 
and the response I get shows it is authenticated data: the "ad" flag is on.  
Based on that, DNSSEC is working for them as far as my understanding goes. My 
first guess was also it would be a DNSSEC issue.

 

 

; <<>> DiG 9.10.6 <<>> mail.mil <http://mail.mil>  mx

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25907

;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

 

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 4096

;; QUESTION SECTION:

;mail.mil <http://mail.mil> .IN   MX

 

;; ANSWER SECTION:

mail.mil <http://mail.mil> .   797  IN   MX   10 pri-jeemsg.eemsg.mail.mil 
<http://pri-jeemsg.eemsg.mail.mil> .

mail.mil <http://mail.mil> .   797  IN   MX   20 sec-jeemsg.eemsg.mail.mil 
<http://sec-jeemsg.eemsg.mail.mil> .

 

;; Query time: 0 msec

;; SERVER: 192.168.135.1#53(192.168.135.1)

;; WHEN: Thu May 03 09:51:57 EDT 2018

;; MSG SIZE  rcvd: 97

 

 

 

 

 

On Thu, May 3, 2018 at 9:32 AM, <frnk...@iname.com <mailto:frnk...@iname.com> > 
wrote:

Looks to be a DNSsec issue ... please correct me if I have that wrong.

Frank


-Original Message-
From: Frank Bulk (frnk...@iname.com <mailto:frnk...@iname.com> ) 
<frnk...@iname.com <mailto:frnk...@iname.com> > 
Sent: Thursday, May 3, 2018 8:28 AM
To: 'mailop@mailop.org <mailto:mailop@mailop.org> ' (mailop@mailop.org 
<mailto:mailop@mailop.org> ) <mailop@mailop.org <mailto:mailop@mailop.org> >
Subject: No MX records for mail.mil <http://mail.mil> 

I haven't investigated this thoroughly, but it seems like mail.mil 
<http://mail.mil>  is not
returning MX records from certain DNS resolvers. 

Frank


DNS server: 1.1.1.1 (Cloudflare DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil <http://mail.mil>  @1.1.1.1 <http://1.1.1.1> 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49376
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil <http://mail.mil> .  IN  MX

;; Query time: 67 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu May  3 08:24:43 2018
;; MSG SIZE  rcvd: 26


DNS server: 1.0.0.1 (Cloudflare DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil <http://mail.mil>  @1.0.0.1 <http://1.0.0.1> 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil <http://mail.mil> .  IN  MX

;; Query time: 4171 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Thu May  3 08:24:47 2018
;; MSG SIZE  rcvd: 26


DNS server: 8.8.8.8 (Google DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil <http://mail.mil>  @8.8.8.8 <http://8.8.8.8> 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 29691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil <http://mail.mil> .  IN  MX

;; Query time: 34 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu May  3 08:24:42 2018
;; MSG SIZE  rcvd: 26


DNS server: 8.8.4.4 (Google DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil <http://mail.mil>  @8.8.4.4 <http://8.8.4.4> 
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27285
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil <http://mail.mil> .  IN  MX

;; Query time: 76 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Thu May  3 08:24:42 2018
;; MSG SIZE  rcvd: 26




___
mailop mailing list
mailop@mailop.org <mailto:mailop@mailop.org> 
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

 

___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] No MX records for mail.mil

2018-05-03 Thread Vick Khera

My own office resolver running unbound has DNSSEC enabled with strict
checking, and the response I get shows it is authenticated data: the "ad"
flag is on.  Based on that, DNSSEC is working for them as far as my
understanding goes. My first guess was also it would be a DNSSEC issue.


; <<>> DiG 9.10.6 <<>> mail.mil mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25907
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.mil. IN MX

;; ANSWER SECTION:
mail.mil. 797 IN MX 10 pri-jeemsg.eemsg.mail.mil.
mail.mil. 797 IN MX 20 sec-jeemsg.eemsg.mail.mil.

;; Query time: 0 msec
;; SERVER: 192.168.135.1#53(192.168.135.1)
;; WHEN: Thu May 03 09:51:57 EDT 2018
;; MSG SIZE  rcvd: 97





On Thu, May 3, 2018 at 9:32 AM,  wrote:

> Looks to be a DNSsec issue ... please correct me if I have that wrong.
>
> Frank
>
> -Original Message-
> From: Frank Bulk (frnk...@iname.com) 
> Sent: Thursday, May 3, 2018 8:28 AM
> To: 'mailop@mailop.org' (mailop@mailop.org) 
> Subject: No MX records for mail.mil
>
> I haven't investigated this thoroughly, but it seems like mail.mil is not
> returning MX records from certain DNS resolvers.
>
> Frank
>
> 
> DNS server: 1.1.1.1 (Cloudflare DNS)
>
> ; <<>> DiG 9.7.3 <<>> MX mail.mil @1.1.1.1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49376
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;mail.mil.  IN  MX
>
> ;; Query time: 67 msec
> ;; SERVER: 1.1.1.1#53(1.1.1.1)
> ;; WHEN: Thu May  3 08:24:43 2018
> ;; MSG SIZE  rcvd: 26
>
> 
> DNS server: 1.0.0.1 (Cloudflare DNS)
>
> ; <<>> DiG 9.7.3 <<>> MX mail.mil @1.0.0.1
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39108
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;mail.mil.  IN  MX
>
> ;; Query time: 4171 msec
> ;; SERVER: 1.0.0.1#53(1.0.0.1)
> ;; WHEN: Thu May  3 08:24:47 2018
> ;; MSG SIZE  rcvd: 26
>
> 
> DNS server: 8.8.8.8 (Google DNS)
>
> ; <<>> DiG 9.7.3 <<>> MX mail.mil @8.8.8.8
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 29691
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;mail.mil.  IN  MX
>
> ;; Query time: 34 msec
> ;; SERVER: 8.8.8.8#53(8.8.8.8)
> ;; WHEN: Thu May  3 08:24:42 2018
> ;; MSG SIZE  rcvd: 26
>
> 
> DNS server: 8.8.4.4 (Google DNS)
>
> ; <<>> DiG 9.7.3 <<>> MX mail.mil @8.8.4.4
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27285
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;mail.mil.  IN  MX
>
> ;; Query time: 76 msec
> ;; SERVER: 8.8.4.4#53(8.8.4.4)
> ;; WHEN: Thu May  3 08:24:42 2018
> ;; MSG SIZE  rcvd: 26
>
> 
>
>
> ___
> mailop mailing list
> mailop@mailop.org
> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
>
___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] No MX records for mail.mil

2018-05-03 Thread frnkblk

Looks to be a DNSsec issue ... please correct me if I have that wrong.

Frank

-Original Message-
From: Frank Bulk (frnk...@iname.com)  
Sent: Thursday, May 3, 2018 8:28 AM
To: 'mailop@mailop.org' (mailop@mailop.org) 
Subject: No MX records for mail.mil

I haven't investigated this thoroughly, but it seems like mail.mil is not
returning MX records from certain DNS resolvers. 

Frank


DNS server: 1.1.1.1 (Cloudflare DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49376
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil.  IN  MX

;; Query time: 67 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu May  3 08:24:43 2018
;; MSG SIZE  rcvd: 26


DNS server: 1.0.0.1 (Cloudflare DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil @1.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 39108
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil.  IN  MX

;; Query time: 4171 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Thu May  3 08:24:47 2018
;; MSG SIZE  rcvd: 26


DNS server: 8.8.8.8 (Google DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 29691
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil.  IN  MX

;; Query time: 34 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu May  3 08:24:42 2018
;; MSG SIZE  rcvd: 26


DNS server: 8.8.4.4 (Google DNS)

; <<>> DiG 9.7.3 <<>> MX mail.mil @8.8.4.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 27285
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.mil.  IN  MX

;; Query time: 76 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Thu May  3 08:24:42 2018
;; MSG SIZE  rcvd: 26




___
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Re: [mailop] No MX records for mail.mil

Re: [mailop] No MX records for mail.mil

Re: [mailop] No MX records for mail.mil

Re: [mailop] No MX records for mail.mil

Re: [mailop] No MX records for mail.mil

5 matches

Site Navigation

Mail list logo

Footer information