MX records not served in my location

When I try to query MX records for any domain on I just get an empty response. CNAMEs, As, and other records show just fine. Also is not responding. Could it be that my ISP is blocking the requests? But then why only MX records?

Your ISP might possibly hijack requests to What about

Which operating system are you using?

Thanks for your response. I called my ISP and they deny any DNS filtering or anything, they say they will investigate on their side. And only MX records are affected, not any other which is weird.

The same with and also and with the same error. https to also not working. Running dig (linux openSUSE) I get this:

❯ dig MX @

; <<>> DiG 9.18.4 <<>> MX @
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 27626
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 512
;                      IN      MX

;; Query time: 16 msec
;; WHEN: Mon Aug 01 13:32:56 -05 2022
;; MSG SIZE  rcvd: 37

tcdump shows this:

13:33:15.816089 enp9s0u2u1u2 Out IP > 928+ [1au] MX? (49)
13:33:15.829652 enp9s0u2u1u2 In  IP > 928 Refused 0/0/1 (37)

Note the status: REFUSED

What’s the output of this command?

curl -H 'accept: application/dns-json' ''
❯ curl -H 'accept: application/dns-json' ''
curl: (7) Failed to connect to port 443 after 1044 ms: No route to host


❯ tracepath
 1?: [LOCALHOST]                      pmtu 1500
 1:                                           8.192ms 
 1:                                           3.707ms 
 2:                                         7.012ms 
 3:  no reply
 4:                                        21.609ms 
 5:                                       19.161ms 
 6:                                      14.243ms !H
     Resume: pmtu 1500 


❯ ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=59 time=17.2 ms
64 bytes from icmp_seq=2 ttl=59 time=13.5 ms
64 bytes from icmp_seq=3 ttl=59 time=13.6 ms
64 bytes from icmp_seq=4 ttl=59 time=16.6 ms
64 bytes from icmp_seq=5 ttl=59 time=11.9 ms
64 bytes from icmp_seq=6 ttl=59 time=15.6 ms
--- ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5007ms
rtt min/avg/max/mdev = 11.941/14.757/17.221/1.876 ms

It really seems as if your ISP is hijacking that address.

What do these commands show?

curl -H 'accept: application/dns-json' ''
dig MX @
dig MX @

Well, that pretty much says it - your ISP appears to hijack these IP addresses.

I get similar results. When I try other DNS servers I get correct responses. The ping times to Cloudflare are much higher and the traceroute also much longer. ISP responded that they might have some DNS caching for Cloudflare and public google dns that might be misconfigured.

Is DNS caching politically correct for address hijacking? :wink:

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.