[Wylug-help] VeriSign Breaks DNS
Jon Stockill
jon at stockill.org.uk
Tue Sep 16 14:05:28 BST 2003
On Tue, 16 Sep 2003, Gavin Harris wrote:
> Hello All,
>
> Verisign have gone and added a wildcard DNS entry for .com and .net TLD's: -
>
> http://slashdot.org/article.pl?sid=03/09/16/0034210
>
> What do people think?
>
> Does anyone have any ideas on how to go about dealing with this, from
> the mailserver view of things? Mine currently rejects any mail where the
> sender has an nonexistent domain, but now all .com and .net domains
> exist.....
There are several options:
1. Reject where the A record points to verisign's server.
2. Fix your nameservers so they return NXDOMAIN instead of the A record
for verisign's server.
3. (possibly the most amusing, but largely useless, as suggested on
another list) Give verisign a call and tell them you don't agree with the
T&C's of their search engine, and you'd be grateful if they'd stop
returning address records to it :-)
--
Jon Stockill
jon at stockill.org.uk
More information about the Wylug-help
mailing list