Community discussions

MikroTik App
  4. l雷竞技
  5. Beginner Basics

Different DNS TXT answers.

Post Reply
n1kt0
刚刚加入了
Topic Author
Posts: 12
加入: Sun Dec 07, 2014 9:44 pm

Different DNS TXT answers.

Fri Jul 10, 2020 4:08 pm

Hello.

也许我不stand something.
Trying to get domainkey on my server.

192.168.6.1 - Mikrotik RB760iGS

ios版雷竞技官网入口
routerboard: yes
board-name: hEX S
model: RB760iGS
serial-number: A8150A06DE18
firmware-type: mt7621L
factory-firmware: 6.43.10
current-firmware: 6.46.1
upgrade-firmware: 6.47

package 6.47

Code:Select all 
dig mail2._domainkey.mail.ru TXT @192.168.6.1 ;; ANSWER SECTION: mail2._domainkey.mail.ru. 429 IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN" dig mail2._domainkey.mail.ru TXT @8.8.8.8 ;; ANSWER SECTION: mail2._domainkey.mail.ru. 284 IN TXT "v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GN" "ADCBiQKBgQC8msGcERt9i1AqEs6Dl5n0btBDj4W3IjzNg1xA" "ExTn1Wb7wjRk9ed8oJ6Xnxn2jSYwbt3G65lW8LK/8vVdx2ar" "FexHgKmOXT5RKIeiYFkHmLEtycrRkyJHr6n7rsjwlFSayXnx" "rM0xbum3oHXgNJUI1XQXJNoQPmAXoMCbi2yB7QIDAQAB"
Is it normal that the answers are different?
Top
Sob
Forum Guru
Forum Guru
Posts: 9185
加入: Mon Apr 20, 2009 9:11 pm

Re: Different DNS TXT answers.

Fri Jul 10, 2020 5:03 pm

No. And there's definitely something weird. This exact query works fine with older RouterOS versions. I don't have 6.47 anymore, but with 6.47.1 and 6.48beta it fails completely. Packet sniffer shows that RouterOS sends query to upstream resolver, but ignores received answer and reports server failure to client.
Top
n1kt0
刚刚加入了
Topic Author
Posts: 12
加入: Sun Dec 07, 2014 9:44 pm

Re: Different DNS TXT answers.

Fri Jul 10, 2020 6:26 pm

Hello.
Sob, thanks for the answer.

Yes, I updated the firmware a week ago and found that my mail server began sending letters from mail.ru to spam.
This has not happened before.

X-Spam-Status: Yes, score=9.811 required=4 tests=[BAYES_00=-1.9,
DKIM_INVALID=0.1, DKIM_SIGNED=0.1,DMARC_FAIL_REJECT=9,
FREEMAIL_FROM=0.001, GB_FREEMAIL_DISPTO=0.499, HTML_MESSAGE=0.001,
RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_PASS=-0.001,
SPOOFED_FREEMAIL=1.999, SURBL_BLOCKED=0.001, T_SPF_TEMPERROR=0.01,

Authentication-Results: mail.test.com (amavisd-new); dkim=neutral
reason="invalid (public key: OpenSSL error: too long)"
header.d=mail.ru

I reconfigured the mail server to public DNS and everything began to work correctly.

It is strange that no one else has discovered such a situation.
Top
Sob
Forum Guru
Forum Guru
Posts: 9185
加入: Mon Apr 20, 2009 9:11 pm

Re: Different DNS TXT answers.

Fri Jul 10, 2020 6:58 pm

It's a bug. I reported it in6.48beta thread, so it should get noticed and hopefully fixed soon.
Top
Post Reply

Who is online

Users browsing this forum:gkoleff,Ospensenand 11 guests
  4. l雷竞技
  5. Beginner Basics