[olug] VeriSign

Andrew Holm-Hansen olug at einer.org
Wed Sep 17 14:18:00 UTC 2003 

This issue has been partially solved by a patch to Bind that returns
NXDOMAIN for anything that resolves to that ip (and I hope they have a
dynamic solution in the works or working as well).

This is definitely an issue worth keeping tabs on. It's also great
reason to go with opennic.  

I can't wait until alternative root servers start cropping up.  Good
thing I have my ip address memorized.  :)

Andrew 

On Wed, 2003-09-17 at 01:07, Sean Kelly wrote:
> I apologize for the non-Linux/BSD nature of this e-mail, but I think it is
> an issue worth semi-spamming about.
> 
> For those of you who haven't noticed or heard about it yet, VeriSign (the
> company that controls .COM and .NET) has added wildcard A records to
> the top-level domains they control. As a result, any unregistered .com or
> .net domain you attempt to go to will now take you to their site.
> 
> For example, check out http://fwelkjfdslkdfwiodiodfsklsdfljkfs.net
> 
> $ host fwelkjfdslkdfwiodiodfsklsdfljkfs.net
> fwelkjfdslkdfwiodiodfsklsdfljkfs.net has address 64.94.110.11
> 
> It also runs a SMTP server which doesn't even look at the content of the
> commands being sent to it:
> 
> 220 snubby3-wceast Snubby Mail Rejector Daemon v1.3 ready
> > HELLO THERE
> 250 OK
> > HOW ARE YOU?
> 250 OK
> > OK?
> 550 User domain does not exist.
> > GOODBYE
> 250 OK
> > HELLO?
> 221 snubby3-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel
> 
> 
> As you can imagine, this breaks many Internet applications when handling
> the case of a typo. It also breaks spam checking software which checks to
> ensure a domain exists. It also puts VeriSign in a position to have
> advertising on all .com and .net typos.
> 
> If you find this as disgusting as I do, I highly suggest you do the
> following:
> 
> Read this Slashdot article about it:
>      http://slashdot.org/article.pl?sid=03/09/16/0034210
> 
> E-mail ICANN and let them know that you are not pleased with VeriSign's
> business practices:
>      comments at icann.org
> 
> "Sign" this petition:
>      http://www.petitiononline.com/badnsi/petition.html
> 
> If you are really proactive and outgoing, call and complain to ICANN and
> the Department of Commerce.
> 
> Thanks.

More information about the OLUG mailing list