Thats
why you are supposed to use fex .loc
This
is a deathsin in my opinion
if fex
someone register this domain u use and then someone on the inside want to send
an email to to them it will never get trough !!!!
Jesus
this is so basic in AD i thought most people know about those
failures
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matthew Bramble Sent: 22. september 2003 19:40 To: [EMAIL PROTECTED] Who says that I have to register the domain that Active
Directory is using? My Active Directory name isn't intended to be used on
the Internet. In most installations, you look to your own Active Directory
server first for the lookups, so if it exists on the Internet it won't
interfeer...until now.
I think this is one of the issues that ICANN was talking about concerning how the change can have unintended consequences (besides spam blockers). This also looks to be a problem in general with how Microsoft delegates lookups. Their software shouldn't take the root of your Active Directory tree and then append sub-domains to it and turn to the root servers for resolution. That appears to be a security risk if you ask me, and it doesn't make sense to do. Matt John Tolmachoff (Lists) wrote: Ah yes, using an unregistered domain name with a real TLD is a no-no. When are people using AD going to get this? AD must be configured correctly or else problems will come up when you least expect it. John Tolmachoff MCSE CSSA Engineer/Consultant eServices For You www.eservicesforyou.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Matthew Bramble Sent: Monday, September 22, 2003 12:52 AM To: [EMAIL PROTECTED] Subject: Re: [Declude.JunkMail] VeriSteal is stealing traffic from your domain. I figured it out. The problem is definitely with Active Directory. Turning off DNS Client on the local server only created a situation where their first bogus sub-domain would timeout but a retry would still go to SiteFinder. Here's what nslookup returns when directed at the DNS server on the co-located machine (not running Active Directory):adsfadsfasfdadsf.declude.comServer: ns1.igaia.com Address: 208.7.179.11 Non-authoritative answer: Name: adsfadsfasfdadsf.declude.com.primary.igaiaoffice.com Address: 64.94.110.11 That's the bogus sub-domain appended to my local Active Directory domain (replaced for security with an equivalent). The issue relates to the fact that my real Active Directory domain name is not registered and lies in the .com namespace, so when the lookup fails on the primary server, it goes back to the local Active Directory server and appends the lookup that produces no match to my unregistered Active Directory name, which returns the IP for SiteFinder. If I registered my Active Directory name, I wouldn't be directed to SiteFinder. Make sense now? Matt |
RE: [Declude.JunkMail] VeriSteal is stealing traffic from your domain.
ISPhuset Nordic / Benny Samuelsen Mon, 22 Sep 2003 11:13:15 -0700
- RE: [Declude.JunkMail] VeriSteal is stea... ISPhuset Nordic AS
- Re: [Declude.JunkMail] VeriSteal is... Matthew Bramble
- Re: [Declude.JunkMail] VeriStea... Bill Landry
- Re: [Declude.JunkMail] Veri... Matthew Bramble
- Re: [Declude.JunkMail] ... Bill Landry
- Re: [Declude.JunkMail] ... Matthew Bramble
- RE: [Declude.JunkMail] ... ISPhuset Nordic AS
- Re: [Declude.JunkMail] ... Bill Landry
- RE: [Declude.JunkMail] ... John Tolmachoff \(Lists\)
- Re: [Declude.JunkMail] ... Matthew Bramble
- Re: [Declude.JunkMail] ... ISPhuset Nordic / Benny Samuelsen
- Re: [Declude.JunkMail] ... Matthew Bramble
- RE: [Declude.JunkMail] ... ISPhuset Nordic / Benny Samuelsen
- Re: [Declude.JunkMail] ... Matthew Bramble
- RE: [Declude.JunkMail] ... ISPhuset Nordic / Benny Samuelsen
- RE: [Declude.JunkMail] ... John Tolmachoff \(Lists\)
- RE: [Declude.JunkMail] ... Andy Schmidt
- RE: [Declude.JunkMail] ... John Tolmachoff \(Lists\)
- Re: [Declude.JunkMail] ... Joshua Levitsky
- RE: [Declude.JunkMail] ... ISPhuset Nordic / Benny Samuelsen
- RE: [Declude.JunkMail] ... Keith Anderson