[Dshield] New Verisign Policy

George Theall theall at tifaware.com
Wed Sep 17 15:37:22 GMT 2003


On Wed, Sep 17, 2003 at 10:55:24AM -0400, Keith Bergen wrote:

> 2. How does this affect Email? I saw some talk a while back 
> about email and bouncing, but I didn't understand the effects 
> that this change will have on it.

Currently, the host Verisign has behind that (64.94.110.11) runs a
daemon that simply rejects all mail; eg,

   theall at badger:/usr/local/horde>telnet sldfjalfdsja.com 25
   Trying 64.94.110.11...
   Connected to sldfjalfdsja.com.
   Escape character is '^]'.
   220 snubby2-wceast Snubby Mail Rejector Daemon v1.3 ready
   helo mail.tifaware.com 25
   250 OK
   mail from:<>
   250 OK
   rcpt to:<noone at sldfjalfdsja.com>
   550 User domain does not exist.
   quit
   221 snubby2-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel
   221 snubby2-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel
   Connection closed by foreign host.

So while they won't see the content of any messages directed its way, it
does see the envelope sender's address on each message. 

Note: given what Verisign has done with DNS, it pretty much needs to run
such a setup to handle mail - not running it would cause mis-directed
mail to simply queue up on the sender's mail server and be rejected only
after several days of repeated delivery attempts. 


George
-- 
theall at tifaware.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20030917/42a29f81/attachment.bin


More information about the list mailing list