OK, so a network with no mail servers (residential/SMB relying on
WebMail) it may not be an issue.
Is blocking TXT queries possible?
I found this:
"Once the initial DNS response is received by the malware, it then
iterates to the next subdomain which is 'mail'. The malware uses this
domain in anot
On Mon, Mar 06, 2017 at 03:21:53PM -0500, Jim Alles wrote:
>
> Can / should dnsmasq be used to block DNS TXT record retrieval?
Blocking TXT queries wholesale will stop many SPF records from getting
through, which can interfere with email delivery.
khm
__
I am looking into murky waters, and have no knowledge of what is under
the surface.
So this may need to be categorized under 'ID10T'.
Can / should dnsmasq be used to block DNS TXT record retrieval?
reference: "DNSMessenger" @ threatpost.com
regards,
Jim A.
___