Evil Steve

MX DNS Queries


I'm trying to make some DNS utility functions just for a learning experience. I've got class A requests working fine, but MX requests seem not to work as I expect. I issue a request for an MX record for www.hotmail.com, and the nameserver replies with "CNAME = mail.live.com". If I then issue an MX request for mail.live.com, I don't get any answers in the reply.

Does anyone know what's going on here? RFC974 says that if there's no MX record in the reply, then I should connect to the domain name for which the MX request was issued (mail.live.com), but I can't actually connect to mail.live.com on port 25 (it just times out). Does anyone know if I'm doing something silly here? I've uploaded a dump from Wireshark Here if it helps at all.

Cheers, Steve

My mistake, nslookup uses an A request, obviously. I did not realize that you are trying to get the mail record.

I think you can set nslookup to use MX requests. I know for sure that you can set "host" to use MX requests.

If you want to reverse-engineer how to automatically send e-mail, how about using Wireshark (or netmon) on something like Thunderbird when it's sending e-mail?

[Edited by - hplus0603 on November 18, 2008 3:43:35 PM]

Quote:
Original post by hplus0603
I think you can set nslookup to use MX requests. I know for sure that you can set "host" to use MX requests.

You're right, in Windows it is -type=MX; looks like that receives the same response you are seeing. I then did an MX on mail.live.com and got a result.

The MX record points to the host that handles mail. So you want to query for the MX record for "hotmail.com" (not "www.hotmail.com" - you send mail to someone@hotmail.com, not someone@www.hotmail.com, right?). I'm going to look at gmail.com, cause that's slightly more interesting (this is from nslookup):


> set type=mx
> gmail.com
Server: mygateway1.NB5Plus4W
Address: 192.168.1.1

Non-authoritative answer:
gmail.com MX preference = 10, mail exchanger = alt1.gmail-smtp-in.l.google.com
gmail.com MX preference = 10, mail exchanger = alt2.gmail-smtp-in.l.google.com
gmail.com MX preference = 50, mail exchanger = gsmtp147.google.com
gmail.com MX preference = 50, mail exchanger = gsmtp183.google.com
gmail.com MX preference = 5, mail exchanger = gmail-smtp-in.l.google.com

... (you get more than this, but that'll do for starters)




This means there are five hosts that handle mail for gmail.com: alt1.gmail-smtp-in.l.google.com, gsmtp183.google.com, etc.

They should be sorted by the value of the "preference" parameter. You then try each server in order until you are able to connect. So you'd try gsmtp147.google.com first, then gsmtp183.google.com, then alt1.gmail-smtp-in.l.google.com and so on.

You query for the A record of the host returned in the MX, which gives you the IP address of the actual server. Here's a sample from above:


> set type=A
> gsmtp147.google.com
Server: mygateway1.NB5Plus4W
Address: 192.168.1.1

Non-authoritative answer:
Name: gsmtp147.google.com
Address: 209.85.147.27

> alt2.gmail-smtp-in.l.google.com
Server: mygateway1.NB5Plus4W
Address: 192.168.1.1

Non-authoritative answer:
Name: alt2.gmail-smtp-in.l.google.com
Addresses: 209.85.135.27, 209.85.135.114




So you'd connect to the SMTP server at 209.85.147.27 first; if you can't connect, you try the next one, and so on...

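For anyone writing their own DNS utility functions as in this thread, here is an added example (not code from any poster) that parses the answer section of a reply, collecting CNAME and MX records and bounding compression-pointer jumps so a malformed reply cannot loop the parser. It orders MX records lowest preference value first, which is the order RFC 974 and RFC 5321 specify; the function names and the example.test hosts are this example's own, and the sample reply is constructed rather than captured.

```python
import struct

def read_name(msg, off, max_jumps=16):
    """Decode a possibly compressed DNS name; return (name, offset after it)."""
    labels, jumps, end = [], 0, None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:            # compression pointer (RFC 1035 4.1.4)
            jumps += 1
            if jumps > max_jumps:            # malformed replies can make pointers loop
                raise ValueError("compression pointer loop")
            end = off + 2 if end is None else end
            off = ((length & 0x3F) << 8) | msg[off + 1]
        elif length == 0:
            return ".".join(labels), (end if end is not None else off + 1)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii"))
            off += 1 + length

def parse_answers(msg):
    """Return (cnames, mx) from a reply; mx is sorted lowest preference first."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):                      # skip the question section
        _, off = read_name(msg, off)
        off += 4                             # QTYPE + QCLASS
    cnames, mx = [], []
    for _ in range(an):
        _, off = read_name(msg, off)         # owner name of this record
        rtype, _cls, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 5:                       # CNAME: RDATA is a single name
            cnames.append(read_name(msg, off)[0])
        elif rtype == 15:                    # MX: 16-bit preference + exchanger name
            pref = struct.unpack_from("!H", msg, off)[0]
            mx.append((pref, read_name(msg, off + 2)[0]))
        off += rdlen
    return cnames, sorted(mx)

def enc_name(n):                             # helper used only to build sample data
    return b"".join(bytes([len(l)]) + l.encode() for l in n.split(".")) + b"\0"
def make_rr(rtype, rdata):                   # owner = pointer to offset 12 (question name)
    return b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata

# Constructed reply to an MX query for example.test (not captured traffic).
SAMPLE = (struct.pack("!6H", 0x1234, 0x8180, 1, 3, 0, 0)
          + enc_name("example.test") + struct.pack("!HH", 15, 1)
          + make_rr(15, struct.pack("!H", 50) + enc_name("backup.example.test"))
          + make_rr(15, struct.pack("!H", 5) + b"\x02mx\xc0\x0c")
          + make_rr(15, struct.pack("!H", 10) + enc_name("alt1.example.test")))
```

A reply that carries only a CNAME, like the one for the www name in the first post, comes back with an empty MX list and the alias target in the first element.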
Argh, I'm an idiot. I was trying www.hotmail.com, not hotmail.com. I'd already tried using nslookup and didn't get any MX records from it either (obviously), so I figured I'd misunderstood the RFC.

Quote:
Original post by hplus0603
If you want to reverse-engineer how to automatically send e-mail, how about using Wireshark (or netmon) on something like Thunderbird when it's sending e-mail
Most mailers don't do the MX lookups themselves, they relay to your ISP's mail server. Although I haven't actually tested this with anything yet.

Thanks for the replies [smile]

Quote:
Most mailers don't do the MX lookups themselves, they relay to your ISP's mail server.


Yes, brain-fart on my end. What you should do is install postfix or qmail on a Linux box running inside VirtualPC or VMware, and then net-sniff *that*. And, as you'll then be on Linux, you can use tcpdump to do the capture, and "host" or "dig" to do your own DNS queries.

If that works. It's common these days for residential ISPs to block outgoing port 25 other than to the ISP's own mail server, since it's usually used by spamming zombies. (For maximum lulz, some of them combine this with disallowing FROM spoofing on their SMTP server. Hope you didn't like using your work email address!)
