I didn't even know there was a .museum...
-------- Original Message --------
Subject: Re: [spamtools] Verisign hijack *.net
Date: Tue, 16 Sep 2003 03:31:30 -0600 (MDT)
From: Bruce Gingery
Reply-To: spamtools(a)lists.abuse.net
To: SpamTools
This is a widespread problem. Vix has been doing this, mostly
unnoticed, with dot-museum for months (perhaps since .museum
startup).
Checking, a few minutes ago...
*.ac A 194.205.62.122
*.cc A 206.253.214.102
*.com A 64.94.110.11
*.cx A 219.88.106.80
*.museum A 195.7.77.20
*.net A 64.94.110.11
*.nu A 64.55.105.9
and A 212.181.91.6
*.sh A 194.205.62.62
*.tm A 194.205.62.62
*.ws A 216.35.187.246
Other domains checked (I don't THINK I missed any active ones, but
could have missed a recently-activated ccTLD) do NOT have this
bogus behaviour.
RCFDNS + FCRDNS is now a NECESSITY -
for client of an smtp connection
for HELO/EHLO parameter
for domain of sender
hacks and patches welcome. Remember, sendmail 8.11.x does NOT
have the "dns" map, and 8.12.x recently had bad code in that
same map.
There is only so much you can do with:
$[ $]
K<name> host
K<name> bestmx
etc. For those stuck with 8.11 or below binaries, and no ready-
to-use MILTER on their OS, this may require a regexp to sanitize,
followed by an external program map.
Meanwhile, any FCRDNS, and RCFDNS provisions are helpful, especially
if you bogus the PNAP nameservers doing VeriSign's rdns for 64.94.110.11
and comparable DNS servers for other bogus domain resolutions.