I don't believe you are correct, even though I do abhor the process. Many anti-spam will do lookups of the sender's domain, yes. And that part will break. Of course, I'd just set any domain which resolves to the Verisign IP address as an instant reject - problem solved.
However, a reverse lookup is of the sender's IP address, and if it maps to a domain name. That part won't change, as I don't think they added a wildcard PTR record. -------------------------------------------------------------- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. > -----Original Message----- > From: Jason Clishe [mailto:[EMAIL PROTECTED] > Sent: Wednesday, September 17, 2003 11:22 PM > To: Exchange Discussions > Subject: RE: All .COM / .NET domain names now exist > > > I'm surprised how quiet this group is being regarding this > issue. This has potentially enormous ramifications. For one > thing, this effectively breaks reverse-DNS lookups that > anti-spam applications use to verify sending domains as being valid. > > Come on now, Verisign is masking the difference between a > valid domain and NXDOMAIN for > all protocols, all users, and all software. Doesn't anyone > here have an opinion? > > Jason > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] Behalf Of > > [EMAIL PROTECTED] > > Sent: Monday, September 15, 2003 8:02 PM > > To: Exchange Discussions > > Subject: All .COM / .NET domain names now exist > > > > > > > > [My apologies for the cross-post, but this has the potential > > to impact just > > about everybody who uses the Internet...] > > > > As of a little while ago (it is around 7:45 PM US Eastern > > on Mon 15 Sep > > 2003 as I write this), VeriSign added a wildcard A record to > > the .COM and > > .NET TLD DNS zones. The IP address returned is > > <64.94.110.11>, which reverses > > to <sitefinder.verisign.com>. > > > > What that means in plain English is that most mis-typed > > domain names that > > would formerly have resulted in a helpful error message now > > results in a > > VeriSign advertising opportunity. For example, if my > domain name was > > "somecompany.com", and somebody typed "soemcompany.com" by > > mistake, they > > would get VeriSign's advertising. > > > > (VeriSign is a company which purchased Network Solutions, > > another company > > which was given the task by the US government of running the > > .COM and .NET > > top-level domains (TLDs). VeriSign has been exploiting the > > Internet's DNS > > infrastructure ever since.) > > > > This will have the immediate effect of making network > > trouble-shooting > > much more difficult. Before, a mis-typed domain name in an > > email address, > > web browser, or other network configuration item would result > > in an obvious > > error message. You might not have known what to do about it, > > but at least > > you knew something was wrong. Now, though, you will have to > > guess. Every > > time. > > > > Some have pointed out that this will make an important > > anti-spam check > > impossible. A common anti-spam measure is to check and make > > sure the domain > > name of the sender really exists. (While this is easy to > force, every > > little bit helps.) Since all .COM and .NET domain names now > > exist, that > > anti-spam check is useless. > > > > VeriSign's commentary: > > > > http://www.verisign.com/resources/gd/sitefinder/implementation.pdf > > http://www.verisign.com/resources/gd/sitefinder/bestpractices.pdf > > > > Third-party reference: > > > > http://www.cbronline.com/latestnews/d04afc52ae9da2ee80256d9c0018be8b > > > > -- > > Ben Scott <[EMAIL PROTECTED]> > > | The opinions expressed in this message are those of the > > author and do | > > | not represent the views or policy of any other person or > > organization. | > > | All information is provided without warranty of any kind. > > | > > > > > > _________________________________________________________________ > > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > > Web Interface: > > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t > ext_mode=&lang=english > To unsubscribe: mailto:[EMAIL PROTECTED] > Exchange List admin: [EMAIL PROTECTED] > > _________________________________________________________________ > List posting FAQ: http://www.swinc.com/resource/exch_faq.htm > Web Interface: > http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&t ext_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED] _________________________________________________________________ List posting FAQ: http://www.swinc.com/resource/exch_faq.htm Web Interface: http://intm-dl.sparklist.com/cgi-bin/lyris.pl?enter=exchange&text_mode=&lang=english To unsubscribe: mailto:[EMAIL PROTECTED] Exchange List admin: [EMAIL PROTECTED]
