nanog mailing list archives
Re: VeriSign SMTP reject server updated
From: jlewis () lewis org
Date: Sun, 21 Sep 2003 22:00:16 -0400 (EDT)
On Sat, 20 Sep 2003, Avleen Vig wrote:
We are interested in feedback on the best way within the SMTP protocol to definitively reject mail at these servers. One alternate option we[snip]The correct "solution" is to remove the wildcarding. Until that happens, the best thing to do IS accept and then reject mail. This is significantly better than leaving it to expire in a spool after 5 days.
Did someone already suggest adding an MX to the * record that points to a nonexistent host (obviously in some other TLD)? At least in my environment (sendmail/bind9/Linux), I can setup a wildcard record with an A record and an MX record pointing to a bogus host, and mail bounces immediately. 550 5.1.2 <jlewis () nomail wild lewis org>... Host unknown (Name server: nomail.invalid.: host not found) I think the whole wildcards in .com/.net is a bogus idea...but this sort of setup would at least keep lots of mail from trying to get delivered to VeriSlime. I've already had to fix one old SpamAssassin installation that was scoring mail based on hits in one of the dorkslayers.com dnsbls that no longer exists. It seems dorkslayers.com has decided to fix this by registering some name servers again. Until recently, they'd taken the name server records off the domain, and so VeriSlime had hijacked dorkslayers.com, turning it and all its subzones into a 0/0 dnsbl. modified: 2003-09-16 15:52:46 UTC JORE-1 ---------------------------------------------------------------------- Jon Lewis *jlewis () lewis org*| I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
Current thread:
- Re: VeriSign SMTP reject server updated, (continued)
- Re: VeriSign SMTP reject server updated Daniel Roesen (Sep 21)
- Re: VeriSign SMTP reject server updated Stephen J. Wilcox (Sep 21)
- Re: VeriSign SMTP reject server updated E.B. Dreger (Sep 21)
- Re: VeriSign SMTP reject server updated Eric A. Hall (Sep 21)
- Re: VeriSign SMTP reject server updated Stephen J. Wilcox (Sep 21)
- Re: VeriSign SMTP reject server updated Eric A. Hall (Sep 21)
- Re: VeriSign SMTP reject server updated David Lesher (Sep 25)
- Re: VeriSign SMTP reject server updated Gerald (Sep 25)
- Re: VeriSign SMTP reject server updated Avleen Vig (Sep 20)
- Re: VeriSign SMTP reject server updated jlewis (Sep 21)
- Re: VeriSign SMTP reject server updated Matthew S. Hallacy (Sep 21)
- RE: VeriSign SMTP reject server updated Eric Germann (Sep 21)
- Re: VeriSign SMTP reject server updated Richard Cox (Sep 22)