On 11/22/2014 1:12 PM, A. Schulze wrote:
Darren Pilgrim:
But now I have a second such doamin, and I'd like to head-off a
maintenance problem. All such domains use the same set of MXes, so
it's an obvious pattern to switch transports if the next hop is one
of the offending MXes.
if ipv4 is still working you could
- modify your local dns resolver to strip the AAAA part in it's answer
for the hosts in question
I thought about that, but the domains in question use DNSSEC and I
generally try not to break other people's protective measures. :)
- modify your local firewall to *reject* outbound connections to the
IPv6 address in question
both are not perfect any may have unwanted side effects.
Considered this as well, but I'm trying to get away from maintaining a
static list of non-static things. Maintaining a host pattern still has
that problem, but it at least gets me some automation if they renumber
or rename their MXes, which I've seen them do.
