verisign - wildcard - bind - delegation-only {Scanned by HJMS }
shrek-m at gmx.de
shrek-m at GMX.DE
Thu Sep 18 15:07:53 IST 2003
Ryan Weaver wrote:
> Actually, yes.. This patch was specifically developed to counteract
>actions like what VeriSign is doing...
>
it works ;-)
# /usr/local/sbin/named -v
BIND 9.2.3rc2
$ host blablablubber.com
Host blablablubber.com not found: 3(NXDOMAIN)
$ grep -1 delegation /etc/named.conf
zone "com" {
type delegation-only;
};
>
> Setting the zone "com" to delegation only means that if the root
>servers that control delegation for com respond with any thing other than NS
>and RR records, those errant records will be ignored...
>
this configuration will not work:
$ grep -1 delegation /etc/named.conf
zone "." {
type delegation-only;
};
$ host blablablubber.com
blablablubber.com has address 64.94.110.11
--
shrek-m
More information about the MailScanner
mailing list