I recently started noticing a couple of iOS devices on my network sending full URL as a DNS request. Because these are invalid, they seem to bypass the blacklists. Fortunately, the upstream servers I'm using are responding NXDOMAIN or N/A. However, I wonder if a "smarter" DNS upstream would know to parse out the domain and respond. I've only included screen shots for https://app-measurement.com/sdk-exp requests, but I'm seeing others. app-measurement.com is in my block lists.
Clicking the Blacklist button just generates an error "Domain https://app-measurement.com/sdk-exp is not a valid domain because it contains invalid characters.
Added 0 out of 1 domains"
Is anyone else seeing this behavior from iOS devices?
DNS servers expect to receive domain names in queries, and respond accordingly. If the name they receive in the query doesn't resolve to a valid IP from the nameservers, they return NXDOMAIN.
This is also why you can't blacklist the query - it is not a domain.
In this case, the problem lies with the clients sending malformed DNS queries.
