[dns-operations] mail.protection.outlook.com has EDNS issues

Wed, 06 Jul 2022 02:45:38 -0700 

The authoritative name servers for mail.protection.outlook.com
apparently don't reply if you use EDNS. And it seems many resolvers
don't fallback on old-DNS (and rightly so). Seen from the RIPE Atlas
probes, many resolvers cannot resolve names under
mail.protection.outlook.com (here, the MX of cybercampus.fr):

% blaeu-resolve --type A -r 500 campuscyber-fr.mail.protection.outlook.com
[104.47.24.36 104.47.25.36] : 298 occurrences 
[ERROR: SERVFAIL] : 138 occurrences 
[] : 2 occurrences 
Test #42222162 done at 2022-07-06T09:25:50Z

% dig @ns1-proddns.glbdns.o365filtering.com. NS  mail.protection.outlook.com    

; <<>> DiG 9.16.1-Ubuntu <<>> @ns1-proddns.glbdns.o365filtering.com. NS 
mail.protection.outlook.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 64702
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; WARNING: EDNS query returned status FORMERR - retry with '+nodnssec +noedns'

;; Query time: 43 msec
;; SERVER: 104.47.16.17#53(104.47.16.17)
;; WHEN: mer. juil. 06 11:22:28 CEST 2022
;; MSG SIZE  rcvd: 12

~ % dig +nodnssec +noedns +bufsize=0 +nocookie 
@ns1-proddns.glbdns.o365filtering.com. NS  mail.protection.outlook.com    

; <<>> DiG 9.16.1-Ubuntu <<>> +nodnssec +noedns +bufsize +nocookie 
@ns1-proddns.glbdns.o365filtering.com. NS mail.protection.outlook.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52148
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;mail.protection.outlook.com. IN        NS

;; ANSWER SECTION:
mail.protection.outlook.com. 10 IN NS ns1-proddns.glbdns.o365filtering.com.
mail.protection.outlook.com. 10 IN NS ns2-proddns.glbdns.o365filtering.com.

;; Query time: 47 msec
;; SERVER: 104.47.16.17#53(104.47.16.17)
;; WHEN: mer. juil. 06 11:22:50 CEST 2022
;; MSG SIZE  rcvd: 199
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Reply via email to