[plug] verisign DNS breakage - bind patch FYI

Bret Busby bret at busby.net
Wed Sep 17 00:53:39 WST 2003 

On Tue, 16 Sep 2003, Craig Ringer wrote:

> Date: Tue, 16 Sep 2003 21:58:59 +0800
> From: Craig Ringer <craig at postnewspapers.com.au>
> Reply-To: plug at plug.linux.org.au
> To: support at iinet.net.au
> Subject: [plug] verisign DNS breakage - bind patch FYI
> 
> Hi folks
> 
> If it's of any use for customers severely affected by the verisign DNS 
> breakage (the new .net/.com wildcard A record), I've found a preliminary 
> patch to BIND.
> 
> http://achurch.org/bind-verisign-patch.html
> 
> As the author notes, this is not production quality, and only applies to 
> bind8. It may be worth informing your tech support staff of, however, in 
> case you have customers using BIND8 locally who are severly affected and 
> need to try any available fix.
> 
> I hope that later iiNet will be able to patch their nameservers to 
> correctly return NXDOMAIN to any DNS reply with an A record of 
> 64.94.110.11 .
> 
> I'm going to be porting this patch to BIND9 and applying it here. We get 
> a lot of amateur spam 'press releases' etc, which spoof a non-existant 
> domain instead of the traditional webmail address. As such, they're easy 
> to reject or tarpit at the MAIL FROM: stage of the SMTP transaction, 
> avoiding wasting our bandwidth and staff time. They're the vast majority 
> of our incoming spam. SpamAssassin is not good at catching this kind of 
> spam, as it looks a lot like a legit press release and it's only really 
> a major problem for organisations on the "newspaper" email address lists 
> floating around the 'net. The Verisign changes have totally broken this, 
> and I'm already seeing our mail volumes increasing sharply.
> Even accepting these messages at all also increases our bandwidth costs 
> and mail server load (especially with SpamAssassin).
> 
> I'll be delighted to hear if iiNet patches it's nameservers to restore 
> the proper behaviour of the DNS, in the process rejecting Verisign's 
> money-grubbing move and saving yourselves and your customers time, 
> aggrivation, and wasted bandwidth.
> 
> Craig Ringer
> IT Manager
> POST Newspapers
> 
> 
> _______________________________________________
> plug mailing list
> plug at plug.linux.org.au
> http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug
> 
> 

Why is the above message, sent to iinet, having a Reply To address of 
PLUG?

Has iinet bought out PLUG now, in addition to everything else?

-- 
Bret Busby
Armadale
West Australia
..............

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
  Chapter 28 of 
  "The Hitchhiker's Guide to the Galaxy:
  A Trilogy In Four Parts",
  written by Douglas Adams, 
  published by Pan Books, 1992 
....................................................

_______________________________________________
plug mailing list
plug at plug.linux.org.au
http://mail.plug.linux.org.au/cgi-bin/mailman/listinfo/plug

More information about the plug mailing list