[SlugBug] [OT] DNS for .com and .net
Chris J
cej at nightwolf.org.uk
Tue Sep 16 20:01:16 BST 2003
Hi people,
Apols for posting this, but it's worth being aware of this, espeically if
you've mail servers to look after. Verisign (for it is them) have seen it
fit to add a wildcard into the root DNS for .COM and .NET domains, so any
invalid domain will now /resolve/, which means mail for invalid domains
will head to Verisign before being bounced back with a 550 invalid domain
message (so expect lots of double bounces in postmaster or Mailer-Daemon).
This will cause havoc with anti-spam measures people add in newsgroup
messages (Verisign may DDOS themselves ;) ), and in the
net.admin.net-abuse.email groups are looking at ways to block email that is
headed to the IP 64.94.110.11, for that is the IP all invalid domains will
now resolve to. There's also talk of this IP (or the /24 netblock) being
border blocked at firewalls.
Needless to say, a number of admins are a tad annoyed with this :)
Thus if you have any script or config that rely on looking up domains in
DNS and checking their validity, they will now almost certainly be broken.
More also at:
http://www.theregister.co.uk/content/6/32852.html
Cheers,
Chris...
--
\ Chris Johnson \ NP: Clannad - 09. World Of Difference
\ cej at nightwolf.org.uk ~-----,
\ http://cej.nightwolf.org.uk/ ~-----------------------------------,
\ Redclaw chat - http://redclaw.org.uk - telnet redclaw.org.uk 2000 \____
More information about the SlugBug
mailing list