researchtoolssurveys DNSFactory



The following text describes past open DNS resolver surveys and an associated DNS lookup service that has been long shut down. The text below is preserved here for historical reasons only. Measuremrent Factory has never operated an email blacklist and no longer provides a lookup service that can be abused by others for blocking emails.

If your email is being blocked, please contact the service blocking it. It is not us, even if the blocking message refers to an openresolvers domain mentioned on this page.


We have an ongoing survey that looks for open DNS resolvers. A DNS resolver is open if it provides recursive name resolution for clients outside of its administrative domain. Open DNS resolvers are a bad idea for a few reasons:

  • They allow outsiders to consume resources that do not belong to them.
  • Attackers may be able to poison the cache of an open resolver.
  • Open resolvers are being used in widespread DDoS attacks with spoofed source addresses and large DNS reply messages.

As with open SMTP relays, open DNS resolvers are now being abused by miscreants to further pollute the Internet.

Testing Methodology

We send a DNS query to a target IP address for a name in the domain. If our authoritative server for that domain receives the same query, the target IP address is running an open resolver.

Target IP addresses are tested no more than once every three days.

The list of target IP addresses comes from a few sources:

  • Known recursive nameservers. If your recursive nameserver queries one of our authoritative nameservers, we'll test it. Please contact us (info at if you are interested in providing a feed of target IP addresses from your own authoritative nameservers.
  • Known authoritative nameservers.
  • The database lookup web interface (see below).

Database Lookup


Please see our Open Resolver Check interface. Here you may enter your own IP address (or someone else's address) for immediate testing.

You may also use our Network Query tool to see a list of open resolvers on your network.


You may also query our DNSBL using the zone. For example:

    $ dig +short

A response of means that the address in question is open for recursion. An ``NXDomain'' response means that the address is either not open, or has not been probed yet.

We also have an easy way for you to find out if your own local DNS resolver is open. If you have the dig command on your system, simply run:

    $ dig +short TXT
If you're stuck with nslookup, try this:
    $ nslookup
    > set type=TXT

Daily AS Number Reports

We have an archive of daily reports showing the number of open resolvers for each Autonomous System number. Here is the most recent report.

Additional Resources

© 2020 The Measurement Factory.