Okay, one example here, (and this one is from a valid domain name
of someone legitimately trying to email one of our customers).
domain: impuls-service.at
registrant: IBG1288778-NICAT
admin-c: PL517874-NICAT
admin-c: CR897998-NICAT
tech-c: CR897998-NICAT
zone-c: CR897998-NICAT
nserver: dns1.outsourced.at
remarks: 212.183.22.34
nserver: dns2.outsourced.at
remarks: 212.183.22.35
changed: 20030909 10:42:24
source: AT-DOM
dig impuls-service.at MX
; <<>> DiG 9.2.3rc2 <<>> impuls-service.at MX
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53652
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;impuls-service.at. IN MX
;; ANSWER SECTION:
impuls-service.at. 86249 IN MX 50 mx2.outsourced.at.
impuls-service.at. 86249 IN MX 10 mail.impuls-service.at.
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 20 14:32:16 2004
;; MSG SIZE rcvd: 87
dig impuls-service.at TXT
; <<>> DiG 9.2.3rc2 <<>> impuls-service.at TXT
;; global options: printcmd
;; connection timed out; no servers could be reached
This is not the only case where we have seen this so far, but it is probably
the best example as it was relating to completely legitimate email.
Cheers,
Simon.