Getting thousands of 'hits' by api.dropbox.com

I had lots of api.dropbox.com queries in my 'Top Permitted Domains' list - it was top of the list. I no longer use Dropbox, so I terminated my account and cleaned it from my Ubuntu system. I then blacklisted api.dropbox.com, hoping that that would be the last I see of it. Now it's top of the 'Top Blocked Domains' list with tens of thousands of hits.

How do I stop all this 'noise' from api.dropbox.com, please?
Jim

Find the client that is making the queries, and stop them at the source.

2 Likes

This generally speaks for a badly engineered application. It should cache its DNS requests.

If you check out the Query Log (you can click on the domain on in the "Top Permitted Domains" list), how often does this query appear? And what operating systems are you using on the requesting clients?

Many thanks 'DL6ER'.

I did click on the domain in the Query Log, but got an error. I'd then remembered that my NAS had a Dropbox setting, so I turned off the NAS, and the hits stopped. I then turned off Dropbox on the NAS and all's OK now.

Now top of the Permitted Domains is an ota domain. It's my Zigbee coordinator. I'd flashed it with Tasmota and it appears to be checking for updates at intervals. I don't see a way of stopping this. Is there any way of getting Pihole to ignore it (rather than block it) in order to avoid cluttering the logs?
Jim

I guess that when Dropbox client gets a failed resolve response it starts flooding DNS server attempting to get a proper resolve ASAP.

When the IP is resolved, I guess Windows DNS client caches it, IDK if apps should do it too, but I agree that not all connection requests should require DNS query. And TCP connections should remain alive and not require frequent reconnections. But, when DNS resolves to 0.0.0.0 and an app gets on a few-seconds loop trying to connect, what should OS DNS client do?

settings.php?tab=api > Top Lists section. Add there the domains u don't want listed on Dashboard lists.

Oh wow, so there must have been really a lot of them.

No, not really. Tasmota is a nice idea, but strange in some parts. E.g., all Tasmota-powered devices resolve pool.ntp.org once per hour. However, I do not see any ota. domains being queried from my devices (Tasmota 9.1.0), which domain is this exactly?

One cache suffices. The app wont have to do it in addition. Does Windows have a DNS cache? And why Windows?

They appeared under "top permitted domains" originally so they were not blocked in any way.

I know Windows has a service that's DNS client. IDK how exactly it works, in the past it was crashing on me and making me reboot whole OS to get it working again. Thankfully I restored backup from before it started happening then just disabled it.

What I meant is that it's my understanding that DNS caching is OS responsibility and I don't see why apps should do it again.

Yes, I agree. I phrased it misleadingly above. Clients should cache DNS requests.

@DL6ER

The update link for Tasmota on my Zigbee Coordinator is:
http://thehackbox.org/tasmota/release/tasmota.bin.
I guess that the coordinator keeps asking if there is an update.
(The 'domain' is on my lan - 192.168.1.15)

Jim