
Checkdmarc is failing to capture MX records for google

Open gjones-r7 opened this issue 4 years ago • 0 comments

Checkdmarc is looking up PTR records on IPs associated with found MX records. Anything using Google name servers is currently failing to capture the MX IPs. See:

  checkdmarc google.com -n 8.8.8.8
  ...
  "mx": {
    "hosts": [],
    "error": "All nameservers failed to answer the query 26.138.250.142.in-addr.arpa. IN PTR: Server 8.8.8.8 UDP port 53 answered SERVFAIL"
  },
  ...

Digging into this more, you can see what's happening with the following dig commands:

  dig @8.8.8.8 MX google.com
  ...
  google.com.		299	IN	MX	1 aspmx.l.google.com.
  ...

Then, I dig on aspmx:

  dig @8.8.8.8 aspmx.l.google.com
  ...
  aspmx.l.google.com.	292	IN	A	142.250.138.27
  ...

Then, do a PTR lookup on that (because for some reason checkdmarc is doing that):

  dig @8.8.8.8 -x 142.250.138.27
  ...
  ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 11299
  ...

This prompts a few questions:

  • Why does checkdmarc need to do PTR lookups on MX IPs?
  • Is there any way to prevent checkdmarc from doing these PTR lookups?
  • If the PTR lookups are helpful to some people, can it fail more gracefully so that we at least get the MX hostnames and IPs?

Btw, using other nameservers produces the same issue. Google clearly needs to fix something on their end, but receiving mail should work just fine for Google despite these PTR SERVFAILs on their MX IPs, so I think it makes sense to return the relevant data in checkdmarc too.

gjones-r7, May 24 '21 16:05
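The third question above (fail gracefully so the MX hostnames and IPs still come back) is what the following example implements. It is an added illustration, not checkdmarc's own code: an MX check that does the same MX → A/AAAA → PTR chain the dig commands walk through, but treats a PTR SERVFAIL as a per-host warning rather than an error that empties the whole "mx" result, and takes a `do_ptr` switch for the second question. The lookup backend is pluggable: `sample_backend` answers from constructed data mirroring the issue (the `.26`/`.27` addresses and the SERVFAIL text are taken from the post, the `alt1` record is made up), so it runs offline; `dnspython_backend` is an assumed wiring for a live run with dnspython 2.x and is only imported when called.

```python
"""Added example: MX enumeration that survives PTR SERVFAILs (not checkdmarc code)."""
import ipaddress
from typing import Callable, Dict, List


class LookupFailed(Exception):
    """A backend raises this for SERVFAIL, timeouts, or 'all nameservers failed'."""


# A query backend maps (owner name, RR type) to a list of rdata strings.
QueryFn = Callable[[str, str], List[str]]


def reverse_name(ip: str) -> str:
    """IPv4/IPv6 address -> in-addr.arpa / ip6.arpa owner name used for the PTR query."""
    return ipaddress.ip_address(ip).reverse_pointer


def check_mx(domain: str, query: QueryFn, do_ptr: bool = True) -> Dict:
    """Return MX hosts with addresses; A/AAAA/PTR failures become warnings, not errors.

    Only a failed MX lookup sets an "error" key. A host whose PTR lookup fails is
    still returned with its hostname and addresses, and ptr[ip] is None for it.
    """
    result: Dict = {"hosts": [], "warnings": []}
    try:
        mx_rdata = query(domain, "MX")
    except LookupFailed as exc:
        result["error"] = f"MX lookup for {domain} failed: {exc}"
        return result

    records = []
    for rdata in mx_rdata:  # rdata looks like "1 aspmx.l.google.com."
        pref, host = rdata.split(None, 1)
        records.append((int(pref), host.rstrip(".").lower()))

    for pref, host in sorted(records):  # lowest preference first
        entry = {"preference": pref, "hostname": host, "addresses": [], "ptr": {}}
        for rrtype in ("A", "AAAA"):
            try:
                entry["addresses"].extend(query(host, rrtype))
            except LookupFailed as exc:
                result["warnings"].append(f"{rrtype} lookup for {host} failed: {exc}")
        if do_ptr:
            for ip in entry["addresses"]:
                try:
                    entry["ptr"][ip] = [n.rstrip(".") for n in query(reverse_name(ip), "PTR")]
                except LookupFailed as exc:
                    # Keep the host and its IP; only the reverse lookup is reported as failed.
                    entry["ptr"][ip] = None
                    result["warnings"].append(f"PTR lookup for {ip} failed: {exc}")
        result["hosts"].append(entry)
    return result


def dnspython_backend(nameserver: str = None) -> QueryFn:
    """Live backend; assumes dnspython >= 2.0 is installed (imported lazily)."""
    import dns.exception
    import dns.resolver

    resolver = dns.resolver.Resolver()
    if nameserver:
        resolver.nameservers = [nameserver]

    def query(name: str, rrtype: str) -> List[str]:
        try:
            return [rr.to_text() for rr in resolver.resolve(name, rrtype)]
        except (dns.resolver.NoAnswer, dns.resolver.NXDOMAIN):
            return []  # "no data" is not a failure
        except dns.exception.DNSException as exc:  # NoNameservers (SERVFAIL), Timeout, ...
            raise LookupFailed(str(exc)) from exc

    return query


# Constructed sample data mirroring the issue; these are not live answers.
SERVFAIL = "Server 8.8.8.8 UDP port 53 answered SERVFAIL"
SAMPLE_ZONE = {
    ("google.com", "MX"): ["10 alt1.aspmx.l.google.com.", "1 aspmx.l.google.com."],
    ("aspmx.l.google.com", "A"): ["142.250.138.27"],
    ("alt1.aspmx.l.google.com", "A"): ["142.250.138.26"],
    ("27.138.250.142.in-addr.arpa", "PTR"): LookupFailed(SERVFAIL),
    ("26.138.250.142.in-addr.arpa", "PTR"): LookupFailed(SERVFAIL),
}


def sample_backend(name: str, rrtype: str) -> List[str]:
    """Offline backend: answers from SAMPLE_ZONE, raising where a failure is scripted."""
    value = SAMPLE_ZONE.get((name.rstrip(".").lower(), rrtype), [])
    if isinstance(value, Exception):
        raise value
    return list(value)


if __name__ == "__main__":
    import json
    print(json.dumps(check_mx("google.com", sample_backend), indent=2))
```

Against the sample data both MX hosts come back with their addresses and two PTR warnings; `check_mx("google.com", sample_backend, do_ptr=False)` skips the reverse lookups entirely. For a live run with the same nameserver as the issue, use `check_mx("google.com", dnspython_backend("8.8.8.8"))`; the "All nameservers failed to answer the query" text in the issue is dnspython's `NoNameservers` message, which the backend folds into `LookupFailed` so it lands in `warnings` instead of replacing the host list.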