Sitefinder
Ron Wickersham
rjw at ITSMYINTERNET.ORG
Sun Oct 4 21:33:18 CEST 2009
On Sun, 4 Oct 2009, Jorge Amodio wrote:
---snip--- (a lot of good information showing what sitefinder wild cards did)
> The real problem behind all this, and that was one of the fundamental issues
> with SiteFinder, is that this type of manipulation of the responses from the
> authoritative name servers change the normal behavior of the overall DNS
> system, then this can brake applications and complicate any analysis or
> modeling of the DNS (not just the root zone).
one application that breaks is e-mail. a recipient's domain is not
required to have an MX record, and in the absence of one, the mail is
delivered to the A record ip address of the domain.
nominally if a user mistypes a domain name portion of an e-mail address,
he will get an immediate response that the destination domain does not
exist.
if DNS however answers a wildcard A response, and that address is provided
just a port 80/web server, and no port 25/smtp mail server exists at that
address, then the sender's mail application (or his ISP's mail relay) will
assume that the destination mail server is temporarily down and put the
mail in it queue and try later. this clogs up the queue and interferes
with mail delivery since the proper error message was not delivered to the
originator of the mail.
-ron
Ron Wickersham
More information about the Ncuc-discuss
mailing list