Just don't ask about .coop or .pro :-)
DPF
On Tue, 16 Sep 2003 21:37:57 +1200, Juha Saarinen
I didn't even know there was a .museum...
-------- Original Message -------- Subject: Re: [spamtools] Verisign hijack *.net Date: Tue, 16 Sep 2003 03:31:30 -0600 (MDT) From: Bruce Gingery
Reply-To: spamtools(a)lists.abuse.net To: SpamTools This is a widespread problem. Vix has been doing this, mostly unnoticed, with dot-museum for months (perhaps since .museum startup).
Checking, a few minutes ago...
*.ac A 194.205.62.122
*.cc A 206.253.214.102
*.com A 64.94.110.11
*.cx A 219.88.106.80
*.museum A 195.7.77.20
*.net A 64.94.110.11
*.nu A 64.55.105.9 and A 212.181.91.6
*.sh A 194.205.62.62
*.tm A 194.205.62.62
*.ws A 216.35.187.246
Other domains checked (I don't THINK I missed any active ones, but could have missed a recently-activated ccTLD) do NOT have this bogus behaviour.
RCFDNS + FCRDNS is now a NECESSITY -
for client of an smtp connection
for HELO/EHLO parameter
for domain of sender
hacks and patches welcome. Remember, sendmail 8.11.x does NOT have the "dns" map, and 8.12.x recently had bad code in that same map.
There is only so much you can do with:
$[ $] K<name> host K<name> bestmx
etc. For those stuck with 8.11 or below binaries, and no ready- to-use MILTER on their OS, this may require a regexp to sanitize, followed by an external program map.
Meanwhile, any FCRDNS, and RCFDNS provisions are helpful, especially if you bogus the PNAP nameservers doing VeriSign's rdns for 64.94.110.11 and comparable DNS servers for other bogus domain resolutions.
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
-- Blog: http://www.kiwiblog.co.nz E-mail: david(a)farrar.com ICQ: 29964527 MSN: dpf666(a)hotmail.com