On 10/13/23 6:38 PM, Alessandro Vesely via mailop wrote:
I suspect they tried to put a filter on port 53 too, to avoid too many queries, and filter off _dmarc because it is an invalid host. Sounds real?!?
hi,well, it's not related to DMARC; they seem not answering queries for any NX domain:
./dig A @rh120ns1.368.dhhs.gov qwerty.hhs.gov ;; communications error to 158.74.30.102#53: timed out ;; communications error to 158.74.30.102#53: timed out ;; communications error to 158.74.30.102#53: timed out ;; communications error to 2607:f220:0:1::2c#53: timed out ; <<>> DiG 9.18.19 <<>> A @rh120ns1.368.dhhs.gov qwerty.hhs.gov ; (2 servers found) ;; global options: +cmd ;; no servers could be reached ./dig A @rh120ns1.368.dhhs.gov w.connect.hhs.gov ;; communications error to 158.74.30.102#53: timed out ;; communications error to 158.74.30.102#53: timed out ;; communications error to 158.74.30.102#53: timed out ;; communications error to 2607:f220:0:1::2c#53: timed out ; <<>> DiG 9.18.19 <<>> A @rh120ns1.368.dhhs.gov w.connect.hhs.gov ; (2 servers found) ;; global options: +cmd ;; no servers could be reached -- antonio
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
