At 4:33 PM -0600 9/16/03, LuKreme wrote: >At 1:22 PM -0500 9/16/03, Joe Laffey wrote: >>They must be both because <anything>.com or <anything>.net resolves to a >>verisign ip, bot with an A and an MX. ANY mail sent to a non-existent >>domain under .com or .net will actually go to Verisign's SMTP server. They >>will log the from address (and probably sell it if you read their privacy >>policy). They also COULD keep a copy of the entire message, since it would >>be on their server. >> >>Write and complain NOW in two ways: >> >>email [EMAIL PROTECTED] >> >>and go here: >> >>http://reports.internic.net/cgi/registrars/problem-report.cgi >> >> >>ICANN *has* responded to overwhelming feedback to Verisign isiocy in the >>past. but WE MUST ALL CONTACT THEM RIGHT AWAY! > >I kinda like the idea of billions and billions of spam emails being >routed to verisign. All those munged doamins in usenet posts? > ><cackle> > My personal <cackle> was considering setting some-bad-domain.com up as my backup MX, so they get all the backup MX spam. However, my server does go down occasionally and I'd hate to lose mail. It looks like they fscked up (the 250 response on the second recipient) the SMTP responder, too.
Here's a transcript of a telnet session: (source: http://www.haque.net/verisign_dns_rant.php) >tested at 22:30 hours EDT on September 15: >% telnet asijfoawiejawoef.com 25 >Trying 64.94.110.11... >Connected to sitefinder-idn.verisign.com. >Escape character is '^]'. >220 snubby1-wceast Snubby Mail Rejector Daemon v1.3 ready >help >250 OK >mail from: <[EMAIL PROTECTED]> >250 OK >rcpt to: <[EMAIL PROTECTED]> >550 User domain does not exist. >rcpt to: <[EMAIL PROTECTED]> >250 OK >data >221 snubby1-wceast Snubby Mail Rejector Daemon v1.3 closing transmission >channel >From the VeriSign TLD Wildcard Best Practices document (http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf) >"In some cases it may be appropriate to not provide services at all, using >appropriate application or network error responses to inform the client >that services are unavailable." I think that [EMAIL PROTECTED] needs to be informed that the DNS resolution for wildcards is inappropriate, and that application or network error responses should be used instead. >ok ok, I'm off to complain. > >maybe someone should draw up a suggested email? I can't quote the relevant RFC that they're violating, probably STD 3 or STD 13, where it talks about returning a NE or a 3 for authoritative "nonexistant domain", but that should be in there. The guy on the web page listed above has the following advice: > >I encourage everyone to call up their ISP and explain that you have typed >in an non-existant domain name and been directed to VeriSign's SiteFinder >service. Tell them that you have read the Terms Of Use linked at the >bottom of their page and that you do not agree to their terms and thus >forbidden from using their service. Demand that they do something and >exclude your IP/account from getting redirected to SiteFinder. -- Michael Croft http://www.whiterose.org/michael SAM: It's 106 miles to the Crack of Doom. We've got a magic ring, two daggers, it's dark, and we're wearing sunglasses FRODO: Hit it. ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
