[olug] VeriSign
Andrew Holm-Hansen
olug at einer.org
Wed Sep 17 14:18:00 UTC 2003
This issue has been partially solved by a patch to Bind that returns
NXDOMAIN for anything that resolves to that ip (and I hope they have a
dynamic solution in the works or working as well).
This is definitely an issue worth keeping tabs on. It's also great
reason to go with opennic.
I can't wait until alternative root servers start cropping up. Good
thing I have my ip address memorized. :)
Andrew
On Wed, 2003-09-17 at 01:07, Sean Kelly wrote:
> I apologize for the non-Linux/BSD nature of this e-mail, but I think it is
> an issue worth semi-spamming about.
>
> For those of you who haven't noticed or heard about it yet, VeriSign (the
> company that controls .COM and .NET) has added wildcard A records to
> the top-level domains they control. As a result, any unregistered .com or
> .net domain you attempt to go to will now take you to their site.
>
> For example, check out http://fwelkjfdslkdfwiodiodfsklsdfljkfs.net
>
> $ host fwelkjfdslkdfwiodiodfsklsdfljkfs.net
> fwelkjfdslkdfwiodiodfsklsdfljkfs.net has address 64.94.110.11
>
> It also runs a SMTP server which doesn't even look at the content of the
> commands being sent to it:
>
> 220 snubby3-wceast Snubby Mail Rejector Daemon v1.3 ready
> > HELLO THERE
> 250 OK
> > HOW ARE YOU?
> 250 OK
> > OK?
> 550 User domain does not exist.
> > GOODBYE
> 250 OK
> > HELLO?
> 221 snubby3-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel
>
>
> As you can imagine, this breaks many Internet applications when handling
> the case of a typo. It also breaks spam checking software which checks to
> ensure a domain exists. It also puts VeriSign in a position to have
> advertising on all .com and .net typos.
>
> If you find this as disgusting as I do, I highly suggest you do the
> following:
>
> Read this Slashdot article about it:
> http://slashdot.org/article.pl?sid=03/09/16/0034210
>
> E-mail ICANN and let them know that you are not pleased with VeriSign's
> business practices:
> comments at icann.org
>
> "Sign" this petition:
> http://www.petitiononline.com/badnsi/petition.html
>
> If you are really proactive and outgoing, call and complain to ICANN and
> the Department of Commerce.
>
> Thanks.
More information about the OLUG
mailing list