Verisign bogosity
John Rudd
jrudd at UCSC.EDU
Tue Sep 16 17:48:26 IST 2003
On Tuesday, Sep 16, 2003, at 09:41 US/Pacific, Michele Neylon::
Blacknight Solutions wrote:
>
>>
>> someone is also developing a bind patch that answers 'non
>> existant domain' if the answer is 64.94.110.11.
>>
> That would be nice
>
Someone posted this to the CGP mailing list. Apparently the patches
are already out there.
> From: Matthew Walker <matthew at aliencamel.com>
> To: "CommuniGate Pro Discussions" <CGatePro at mail.stalker.com>
> Subject: Re: Verisign
>
>
> There are patches for:
>
> djbdns - http://tinydns.org/djbdns-1.05-ignoreip.patch
>
> bind8 - http://achurch.org/bind-verisign-patch.html
>
> bind9 -
> http://slashdot.org/comments.pl?sid=78637&threshold=-
> 1&commentsort=0&tid=95&mode=thread&pid=6972991
>
> that translate the verisign ip back to an NXDOMAIN when using these
> servers as dns caches. I'm using the djbdns one and it works well,
> can't speak for the bind ones.
>
> Matthew
>
More information about the MailScanner
mailing list