What changed recently with Office 365's "mail.eo.outlook.com" domain?

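DNS resolution was working fine in late March, but now some resolvers (mine, on a LAN behind NAT, as well as those of my ISP, RCN) are having trouble with hostnames in this zone, while others (e.g., Google's 8.8.8.8) are not.

These DNS queries are not whitewashed. You can query any hostname in the ".mail.eo.outlook.com" zone.

Google can resolve it...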

$ dig anything.mail.eo.outlook.com @8.8.8.8

; <<>> DiG 9.8.3-P1 <<>> anything.mail.eo.outlook.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26750
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;anything.mail.eo.outlook.com.  IN  A

;; ANSWER SECTION:
anything.mail.eo.outlook.com. 10 IN A   213.199.154.87
anything.mail.eo.outlook.com. 10 IN A   213.199.154.23

;; Query time: 45 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Apr  4 12:32:01 2013
;; MSG SIZE  rcvd: 78

While my resolver and RCN's cannot:

$ dig anything.mail.eo.outlook.com @192.168.42.108

; <<>> DiG 9.8.3-P1 <<>> anything.mail.eo.outlook.com @192.168.42.108
;; global options: +cmd
;; connection timed out; no servers could be reached

$ dig anything.mail.eo.outlook.com @97.107.142.193

; <<>> DiG 9.8.3-P1 <<>> anything.mail.eo.outlook.com @97.107.142.193
;; global options: +cmd
;; connection timed out; no servers could be reached

The resolvers do work for other zones:

$ dig +short www.google.com @192.168.42.108
74.125.131.105
74.125.131.106
74.125.131.147
74.125.131.99
74.125.131.103
74.125.131.104
$ dig +short www.amizon.com @192.168.42.108
rewrite.amazon.com.
72.21.210.29
$ dig +short www.google.com @97.107.142.193
74.125.228.49
74.125.228.50
74.125.228.51
74.125.228.52
74.125.228.48
$ dig +short www.amizon.com @97.107.142.193
rewrite.amazon.com.
207.171.166.22

If I dig step by step...

Who is authoritative for outlook.com? Let's ask 192.35.51.30 (i.e., f.gtld-servers.net).

$ dig ns outlook.com @192.35.51.30

; <<>> DiG 9.8.3-P1 <<>> ns outlook.com @192.35.51.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11775
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 5, ADDITIONAL: 10
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;outlook.com.           IN  NS

;; AUTHORITY SECTION:
outlook.com.        172800  IN  NS  nse1.msft.net.
outlook.com.        172800  IN  NS  nse5.msft.net.
outlook.com.        172800  IN  NS  nse2.msft.net.
outlook.com.        172800  IN  NS  nse3.msft.net.
outlook.com.        172800  IN  NS  nse4.msft.net.

;; ADDITIONAL SECTION:
nse1.msft.net.      172800  IN  AAAA    2a01:111:2005::1:1
nse1.msft.net.      172800  IN  A   65.55.37.62
nse5.msft.net.      172800  IN  AAAA    2a01:111:200f:1::1:1
nse5.msft.net.      172800  IN  A   65.55.226.140
nse2.msft.net.      172800  IN  AAAA    2a01:111:2006:6::1:1
nse2.msft.net.      172800  IN  A   64.4.59.173
nse3.msft.net.      172800  IN  A   213.199.180.53
nse3.msft.net.      172800  IN  AAAA    2a01:111:2020::1:1
nse4.msft.net.      172800  IN  A   207.46.75.254
nse4.msft.net.      172800  IN  AAAA    2404:f800:2003::1:1

;; Query time: 97 msec
;; SERVER: 192.35.51.30#53(192.35.51.30)
;; WHEN: Thu Apr  4 13:57:45 2013
;; MSG SIZE  rcvd: 352

Ask one of those name servers for the answer...

$ dig soa anything.mail.eo.outlook.com @65.55.37.62

; <<>> DiG 9.8.3-P1 <<>> soa anything.mail.eo.outlook.com @65.55.37.62
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19950
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;anything.mail.eo.outlook.com.  IN  SOA

;; AUTHORITY SECTION:
mail.eo.outlook.com.    7200    IN  NS  ns2-prodeodns.glbdns.o365filtering.com.
mail.eo.outlook.com.    7200    IN  NS  ns1-prodeodns.glbdns.o365filtering.com.

;; Query time: 95 msec
;; SERVER: 65.55.37.62#53(65.55.37.62)
;; WHEN: Thu Apr  4 14:36:33 2013
;; MSG SIZE  rcvd: 142

So the zone has been delegated; let's look up the IPs of the delegated NS...

$ dig +short ns1-prodeodns.glbdns.o365filtering.com
65.55.169.42
207.46.100.42

Then ask both of them...

$ dig anything.mail.eo.outlook.com @65.55.169.42

; <<>> DiG 9.8.3-P1 <<>> anything.mail.eo.outlook.com @65.55.169.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33481
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;anything.mail.eo.outlook.com.  IN  A

;; ANSWER SECTION:
anything.mail.eo.outlook.com. 10 IN A   213.199.154.87
anything.mail.eo.outlook.com. 10 IN A   213.199.154.23

;; Query time: 55 msec
;; SERVER: 65.55.169.42#53(65.55.169.42)
;; WHEN: Thu Apr  4 14:38:21 2013
;; MSG SIZE  rcvd: 134

$ dig anything.mail.eo.outlook.com @207.46.100.42

; <<>> DiG 9.8.3-P1 <<>> anything.mail.eo.outlook.com @207.46.100.42
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36656
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;anything.mail.eo.outlook.com.  IN  A

;; ANSWER SECTION:
anything.mail.eo.outlook.com. 10 IN A   213.199.154.87
anything.mail.eo.outlook.com. 10 IN A   213.199.154.23

;; Query time: 91 msec
;; SERVER: 207.46.100.42#53(207.46.100.42)
;; WHEN: Thu Apr  4 14:38:31 2013
;; MSG SIZE  rcvd: 134

Answer 1

I removed the following line from my named.conf file, and the requests now work.

query-source address * port 53;

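The following was forwarded to me by someone I contacted...

As you know, DNS queries from a DNS server may originate from source port 53. Some time ago, because of some security issues, BIND started allowing the port to be assigned randomly. However, DNS servers are often configured to use the legacy behaviour of source port 53.

For example: the query-source address * port 53 directive

This is usually done because port randomization behind masqueraded connections, or some firewalls, ends up using up all sizes of caches and translation tables.

Both methods worked equally well... until recently.

We have noticed a problem with ATT and Microsoft Live hosted domains: if the source port of the DNS query is below port 1024, DNS MX record lookups cannot be performed (no servers could be reached).

Needless to say, this can cause email delivery to break.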
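
A check for the directive this answer removed, as an added example that is not part of the original answer: it scans BIND configuration text for `query-source` / `query-source-v6` lines that pin the resolver's source port, which gives up source-port randomization and, per the report above, gets queries dropped when the port is below 1024. The function names, the label argument and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag BIND "query-source" directives that pin the source port.

# Constructed sample named.conf fragment (not taken from the page).
sample_named_conf() {
    cat <<'EOF'
options {
    directory "/var/named";
    // query-source address * port 5353;
    query-source address * port 53;
    query-source-v6 address * port 40000;
};
EOF
}

# check_query_source LABEL   (configuration text is read from stdin)
# Prints "<label>:<line>: <directive> port <N> (privileged|fixed)" for every
# directive with a numeric port; "port *" (randomized) is not reported.
# Returns 1 if anything was reported, 0 otherwise.
# Limitation: handles // and # comments only, not /* ... */ blocks.
check_query_source() {
    awk -v label="${1:-named.conf}" '
    {
        line = $0
        sub(/\/\/.*$/, "", line)          # strip // comments
        sub(/#.*$/, "", line)             # strip # comments
        if (line !~ /query-source(-v6)?[ \t]/) next
        directive = (line ~ /query-source-v6/) ? "query-source-v6" : "query-source"
        if (match(line, /port[ \t]+[0-9]+/)) {
            port = substr(line, RSTART, RLENGTH)
            sub(/^port[ \t]+/, "", port)
            # Ports below 1024 are the ones the answer reports as unanswered.
            kind = (port + 0 < 1024) ? "privileged" : "fixed"
            printf "%s:%d: %s port %s (%s)\n", label, NR, directive, port, kind
            found = 1
        }
    }
    END { exit found ? 1 : 0 }'
}

# Demo on the constructed sample; "|| true" keeps the script's exit status clean.
sample_named_conf | check_query_source named.conf || true
```

To audit a real server, feed it the live file, for example `check_query_source /etc/named.conf < /etc/named.conf`; included files have to be checked separately.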
