Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Strange MX Record for altavista.com

28 views
Skip to first unread message

Barry Finkel

unread,
Sep 1, 2004, 5:36:27 PM9/1/04
to
There is a mail system here that has mail queued for altavista.com.
dig reports:

atalanta% dig altavista.com mx

; <<>> DiG 8.3 <<>> altavista.com mx
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 0
;; QUERY SECTION:
;; altavista.com, type = MX, class = IN

;; ANSWER SECTION:
altavista.com. 10M IN MX 0 .

;; AUTHORITY SECTION:
altavista.com. 10M IN NS ns4.yahoo.com.
altavista.com. 10M IN NS ns5.yahoo.com.
altavista.com. 10M IN NS ns1.yahoo.com.
altavista.com. 10M IN NS ns2.yahoo.com.
altavista.com. 10M IN NS ns3.yahoo.com.

;; Total query time: 65 msec
;; FROM: atalanta.ctd.anl.gov to SERVER: default -- 146.137.64.5
;; WHEN: Wed Sep 1 16:27:21 2004
;; MSG SIZE sent: 31 rcvd: 142

atalanta%

That is a strange MX record. When that mail system (MX Exchange)
tries to send the mail, it opens an SMTP port 25 connection to one of
my DNS servers. Is this what is supposed to happen? Thanks.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Instrumentation Solutions Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFi...@anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994


Mark Andrews

unread,
Sep 1, 2004, 5:56:44 PM9/1/04
to

It's an attempt to say "don't sent mail to the domain
altavista.com." It's a pity it is not been codified
AFAIK.

I would be teaching my MTA to treat a MX record like
this as a indication to just bounce the mail.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_A...@isc.org

Three Letter Acronym

unread,
Sep 1, 2004, 7:33:43 PM9/1/04
to

Mark Andrews wrote:
>>There is a mail system here that has mail queued for altavista.com.
>>dig reports:
>>
>>atalanta% dig altavista.com mx
>>
>> ; <<>> DiG 8.3 <<>> altavista.com mx
>> ;; res options: init recurs defnam dnsrch
>> ;; got answer:
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 0
>> ;; QUERY SECTION:
>> ;; altavista.com, type = MX, class = IN
>>
>> ;; ANSWER SECTION:
>> altavista.com. 10M IN MX 0 .
>>

[snip]

>>That is a strange MX record. When that mail system (MX Exchange)
>>tries to send the mail, it opens an SMTP port 25 connection to one of
>>my DNS servers. Is this what is supposed to happen? Thanks.

[snip]

> It's an attempt to say "don't sent mail to the domain
> altavista.com." It's a pity it is not been codified
> AFAIK.
>
> I would be teaching my MTA to treat a MX record like
> this as a indication to just bounce the mail.
>

Note that altavista.com uses SPF to declare that they don't send any
mail either...

--eli

dart@laptop ~ >> dig txt altavista.com

; <<>> DiG 9.2.3 <<>> txt altavista.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54292
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 5, ADDITIONAL: 0

;; QUESTION SECTION:
;altavista.com. IN TXT

;; ANSWER SECTION:
altavista.com. 587 IN TXT "Null SPF is for
tracking purposes only"
altavista.com. 587 IN TXT "All mail claiming to be
from altavista.com is forged"
altavista.com. 587 IN TXT "v=spf1
+exists:CL.%{i}.FR.%{s}.HE.%{h}.null.spf.altavista.com -all"
altavista.com. 587 IN TXT "This domain sends no email"

Christian Smith

unread,
Sep 1, 2004, 7:14:16 PM9/1/04
to
In article <ch5fte$14et$1...@sf1.isc.org>,
Barry Finkel <b19...@achilles.ctd.anl.gov> wrote:

> That is a strange MX record. When that mail system (MX Exchange)
> tries to send the mail, it opens an SMTP port 25 connection to one of
> my DNS servers. Is this what is supposed to happen? Thanks.

Well, that MX record is pretty much busted. The mail server -should-
probably just barf and refuse to deliver the message, but some other
behavior is not too unexpected.

Looks like Yahoo pouched the MX record for altavista.com.

Barry Margolin

unread,
Sep 1, 2004, 11:14:32 PM9/1/04
to
In article <ch5mlr$1ioj$1...@sf1.isc.org>,
Christian Smith <no...@i.am.invalid> wrote:

> In article <ch5fte$14et$1...@sf1.isc.org>,
> Barry Finkel <b19...@achilles.ctd.anl.gov> wrote:
>
> > That is a strange MX record. When that mail system (MX Exchange)
> > tries to send the mail, it opens an SMTP port 25 connection to one of
> > my DNS servers. Is this what is supposed to happen? Thanks.
>
> Well, that MX record is pretty much busted. The mail server -should-
> probably just barf and refuse to deliver the message, but some other
> behavior is not too unexpected.

There's no reason for any special-casing. The mailer should try to look
up an A record for "." (the root domain). Since there is no such
record, it should handle it just like any other MX record that points to
a name without an A record -- log a complaint and bounce the mail.

--
Barry Margolin, bar...@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***

Francis Dupont

unread,
Sep 2, 2004, 4:56:41 AM9/2/04
to
In your previous mail you wrote:

> ;; ANSWER SECTION:
> altavista.com. 10M IN MX 0 .

It's an attempt to say "don't sent mail to the domain
altavista.com." It's a pity it is not been codified
AFAIK.

I would be teaching my MTA to treat a MX record like
this as a indication to just bounce the mail.

=> perhaps it is time to reconsider RFC 1846 which provides a cleaner
way to bounce any mail?

Regards

Francis...@enst-bretagne.fr

PS: it is an operational issue so in the scope of DNSOP WG.

Chris Stone

unread,
Sep 2, 2004, 1:44:39 PM9/2/04
to
From rfc-ignorant.org
(http://www.rfc-ignorant.org/tools/lookup.php?domain=altavista.com) lookup:

Current Results for altavista.com lookup

blacklist_zone domain status Submitted
Added Rejected Removed
Postmaster altavista.com Listed Apr 1, 2004 21:24 EST Apr
2, 2004 1:51 EST Never Never
dsn altavista.com Listed Feb 29, 2004 19:26 EST Mar
1, 2004 4:19 EST Never Never
abuse altavista.com Listed Jan 21, 2002 23:54 EST Jan 23, 2002
21:28 EST Never Never
bogusmx altavista.com Listed Mar 25, 2004 17:47 EST Mar
25, 2004 17:47 EST Never Never

> -----Original Message-----
> From: bind-use...@isc.org
> [mailto:bind-use...@isc.org] On Behalf Of Barry Finkel
> Sent: Wednesday, September 01, 2004 3:36 PM
> To: bind-...@isc.org
> Subject: Strange MX Record for altavista.com
>
> There is a mail system here that has mail queued for altavista.com.
> dig reports:
>
> atalanta% dig altavista.com mx
>
> ; <<>> DiG 8.3 <<>> altavista.com mx
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 5,
> ADDITIONAL: 0
> ;; QUERY SECTION:
> ;; altavista.com, type = MX, class = IN
>

> ;; ANSWER SECTION:
> altavista.com. 10M IN MX 0 .
>

> ;; AUTHORITY SECTION:
> altavista.com. 10M IN NS ns4.yahoo.com.
> altavista.com. 10M IN NS ns5.yahoo.com.
> altavista.com. 10M IN NS ns1.yahoo.com.
> altavista.com. 10M IN NS ns2.yahoo.com.
> altavista.com. 10M IN NS ns3.yahoo.com.
>
> ;; Total query time: 65 msec
> ;; FROM: atalanta.ctd.anl.gov to SERVER: default -- 146.137.64.5
> ;; WHEN: Wed Sep 1 16:27:21 2004
> ;; MSG SIZE sent: 31 rcvd: 142
>
> atalanta%
>

> That is a strange MX record. When that mail system (MX Exchange)
> tries to send the mail, it opens an SMTP port 25 connection to one of
> my DNS servers. Is this what is supposed to happen? Thanks.

0 new messages