>> By the way, the worm does not only include its own SMTP service. It >> seems to also include its own DNS code, probably in order to get the MX >> records of its targets. This DNS agent is parameterized to start any >> look-up at the A-root, with the side effect of overloading this root >> server. > > Does this mean we can stop the virus and associated spam just by switching > off the A root?
I would suggest that you engage in serious testing before trying anything like that! -- Christian Huitema
