[Techtalk] Verisign wildcard DNS hijacks .net and .com for advertising purposes

[Carla Schroder]

On Monday 15 September 2003 7:28 pm, Mary wrote:
> Hi everyone,
>
> This is more a public service announcement than the start of a
> discussion but...
>
> Point your browser at http://dfgdfgsfdgd.net/ or
> http://sfhjsjfhkshfjshdfjkhsdfhjsd.net/ or
> http://www.fdjlfdjkfdskdsfhjdsfhjdshdsfjkl.com/
>
> Those .net domains aren't registered... but they now point at a Verisign
> webpage rather than not resolving. Verisign has decided to use
> unregistered domains themselves.
>
> See http://advogato.org/article/707.html for a possible response to
> this: change the software to ignore Verisign's stupid DNS hijack.
>
> Feel free to forward this message, but please delete my name and email
> address from forwards (since I have nothing to do with the whole mess),
> and please don't forward it after the end of September 2003.
>

And the plot sickens... pithy quotes from the "Verisign kills a useful 
anti-spam tactic" on news.admin.net-abuse.email:

"The incompetent amoral liars at Verisign have made it impossible to 
reject mail from .net and .com addresses whose domain parts do not 
exist, by setting up wildcard DNS on the gtld-server.net machines"

"Verisign has destroyed the root domain hierarchy! Make up any bloody domain 
name, and what do you get? The domain exists, the response mail adddress is 
nstld.verisign-grs.com, the authoritative nameserver is a.gtld-servers.net

And it advertises their services. Holy crap."

"Yes, that's right.  It doesn't matter what a client says, Verithief's
"stub" mail server says 220, 250, 250, 550, 250, 221-close.

This is presumably the SMTP equivalent of flipping one's finger over
one's lip and going "buh buh buh".

Thank goodness we have the spineless, useless ICANN overseeing these 
matters....I feel so much better now...
-- 
~~~~~~~~~~~~~~~~~~~~~~~~~
Carla Schroder
www.tuxcomputing.com
this message brought to you
by Libranet 2.8 and Kmail
~~~~~~~~~~~~~~~~~~~~~~~~~