MxAlias - Random MX Aliases

MxAlias - Random MX Aliases

This module is designed to return one or more random aliases using MX (Mail Exchange) records.

It specifically generates a random MX alias record in the format mxalias######.yourdomain.com, where ###### represents a random number.

The idea is that if the client/resolver decides to resolve this further, it will result in the generation of yet another alias, theoretically leading to a resolution of infinite chain of random aliases. In practice, however, most modern resolvers will terminate the resolution after encountering several consecutive alias records.

Note that this feature provides the same functionality as requesting the MX record for the generic alias feature. Responding with multiple records (aliases) in a single response is also supported.

BEWAREThis can potentially lead to amplification effect (DoS) or domain lock-up (DoS).

Category: Aliases

Tags: Amplification, Domain Lock-Up, Denial of Service

RFCs: RFC1035

Format

mxalias.<NUMBER>.yourdomain.com

Where:

  • The <NUMBER> parameter defines how many aliases should be generated in the response.

Examples

By default, it returns a single MX alias:

# dig mxalias.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> mxalias.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22668
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mxalias.yourdomain.com.		IN	A

;; ANSWER SECTION:
mxalias.yourdomain.com.	60	IN	MX	0 mxalias261754.yourdomain.com.

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Wed Oct 16 09:37:01 +04 2024
;; MSG SIZE  rcvd: 84

Download PCAP File


Same example as above, but this time we explicitly specify that we want to receive a single MX record:

# dig mxalias.1.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> mxalias.1.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2487
;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mxalias.1.yourdomain.com.	IN	A

;; ANSWER SECTION:
mxalias.1.yourdomain.com. 60	IN	MX	0 mxalias874392.1.yourdomain.com.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Wed Oct 16 09:37:02 +04 2024
;; MSG SIZE  rcvd: 88

Download PCAP File


In this case, we specify that we want to receive five MX aliases:

# dig mxalias.5.yourdomain.com @127.0.0.1

; <<>> DiG 9.18.10-2-Debian <<>> mxalias.5.yourdomain.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27701
;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mxalias.5.yourdomain.com.	IN	A

;; ANSWER SECTION:
mxalias.5.yourdomain.com. 60	IN	MX	0 mxalias61476.5.yourdomain.com.
mxalias.5.yourdomain.com. 60	IN	MX	0 mxalias643759.5.yourdomain.com.
mxalias.5.yourdomain.com. 60	IN	MX	0 mxalias79782.5.yourdomain.com.
mxalias.5.yourdomain.com. 60	IN	MX	0 mxalias431241.5.yourdomain.com.
mxalias.5.yourdomain.com. 60	IN	MX	0 mxalias387799.5.yourdomain.com.

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Wed Oct 16 09:37:04 +04 2024
;; MSG SIZE  rcvd: 270

Download PCAP File


From the same category

See also


Go back to catalogue.