[olug] VeriSign

Sean Kelly smkelly at zombie.org
Wed Sep 17 06:07:41 UTC 2003


I apologize for the non-Linux/BSD nature of this e-mail, but I think it is
an issue worth semi-spamming about.

For those of you who haven't noticed or heard about it yet, VeriSign (the
company that controls .COM and .NET) has added wildcard A records to
the top-level domains they control. As a result, any unregistered .com or
.net domain you attempt to go to will now take you to their site.

For example, check out http://fwelkjfdslkdfwiodiodfsklsdfljkfs.net

$ host fwelkjfdslkdfwiodiodfsklsdfljkfs.net
fwelkjfdslkdfwiodiodfsklsdfljkfs.net has address 64.94.110.11

It also runs a SMTP server which doesn't even look at the content of the
commands being sent to it:

220 snubby3-wceast Snubby Mail Rejector Daemon v1.3 ready
> HELLO THERE
250 OK
> HOW ARE YOU?
250 OK
> OK?
550 User domain does not exist.
> GOODBYE
250 OK
> HELLO?
221 snubby3-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel


As you can imagine, this breaks many Internet applications when handling
the case of a typo. It also breaks spam checking software which checks to
ensure a domain exists. It also puts VeriSign in a position to have
advertising on all .com and .net typos.

If you find this as disgusting as I do, I highly suggest you do the
following:

Read this Slashdot article about it:
     http://slashdot.org/article.pl?sid=03/09/16/0034210

E-mail ICANN and let them know that you are not pleased with VeriSign's
business practices:
     comments at icann.org

"Sign" this petition:
     http://www.petitiononline.com/badnsi/petition.html

If you are really proactive and outgoing, call and complain to ICANN and
the Department of Commerce.

Thanks.

-- 
Sean Kelly         | PGP KeyID: D2E5E296
smkelly at zombie.org | http://www.zombie.org


More information about the OLUG mailing list