1.1.1.1 cannot resolve slack.com domains and its subdomains for verizon fios customers

At slack we got reports of 1.1.1.1 responding with REFUSED for slack . com queries for east coast users using Verizon Fios.

$ dig @1.1.1.1 slack.com

; <<>> DiG 9.10.6 <<>> @1.1.1.1 slack.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 24257
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;slack.com.			IN	A

;; Query time: 56 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Tue Nov 29 14:11:12 EST 2022
;; MSG SIZE  rcvd: 38

seems very similar to this other thread 1.1.1.1 cannot resolve ovh.net domains and its subdomains

We tried to purge the cache for slack domains but that didn’t appear to have any results.

1 Like

Seeing the same. On Fios as well. 1.1.1.1 DoH

https://1.1.1.1/help#eyJpc0NmIjoiWWVzIiwiaXNEb3QiOiJObyIsImlzRG9oIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjEuMS4xIjoiWWVzIiwicmVzb2x2ZXJJcC0xLjAuMC4xIjoiWWVzIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTExMSI6Ik5vIiwicmVzb2x2ZXJJcC0yNjA2OjQ3MDA6NDcwMDo6MTAwMSI6Ik5vIiwiZGF0YWNlbnRlckxvY2F0aW9uIjoiRVdSIiwiaXNXYXJwIjoiTm8iLCJpc3BOYW1lIjoiQ2xvdWRmbGFyZSIsImlzcEFzbiI6IjEzMzM1In0=

Hi,

Thanks for the report.

We saw random prefix attack for slack.com domain and queries were refused because of automatic attack mitigation. We have currently disabled automatic attack mitigation for slack.com coming from select networks.

Can you please check again ?

Thanks

It appears to be working again!

Thank you for the prompt response.

1 Like

Hi,

Update: we have temporarily disabled automatic attack mitigation on slack.com domains everywhere. We are looking at improving detection of valid names while still blocking random prefix attacks.

Thanks

can confirm, seems fine here now too.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.