<<< Date Index >>>     <<< Thread Index >>>

[ga] Verisign could receive your mail



The wildcarding of .com/.net does not impact only the Web. Since the
mail servers try the A record if they get an empty reply when asking a
MX record (this is what happens today in .com/.net), the mail server
attempts to deliver any mail with a typo to Verisign. Currently, the
Verisign server rejects it. What will happen in the future?

A SMTP session, showing the (current) rejection:

% date | Mail -s TEST -v bortzmeyer@xxxxxxxxxxxxxxxxxxxxxxxxxx
bortzmeyer@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx Connecting to 
dffdhfghsqrtzrvbxcvwwc.com. via esmtp...
220 snubby2-wceast Snubby Mail Rejector Daemon v1.3 ready
>>> EHLO maya40.nic.fr
250 OK
>>> MAIL From:<bortzmeyer@xxxxxx>
250 OK
>>> RCPT To:<bortzmeyer@xxxxxxxxxxxxxxxxxxxxxxxxxx>
550 User domain does not exist.
>>> RSET
250 OK
/home/bortzmeyer/dead.letter... Saved message in /home/bortzmeyer/dead.letter
Closing connection to dffdhfghsqrtzrvbxcvwwc.com.
>>> QUIT
221 snubby2-wceast Snubby Mail Rejector Daemon v1.3 closing transmission channel

There is no MX (but no NXDOMAIN - no such domain - reply either):

% dig MX dffdhfghsqrtzrvbxcvwwc.com.

; <<>> DiG 9.2.1 <<>> MX dffdhfghsqrtzrvbxcvwwc.com.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49597
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dffdhfghsqrtzrvbxcvwwc.com.    IN      MX

;; AUTHORITY SECTION:
com.                    10643   IN      SOA     a.gtld-servers.net. 
nstld.verisign-grs.com. 2003091501 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 192.134.4.160#53(192.134.4.160)
;; WHEN: Tue Sep 16 10:22:45 2003
;; MSG SIZE  rcvd: 120

But there is the infamous A record, used to bring innocent users to a
Web site:

% dig A dffdhfghsqrtzrvbxcvwwc.com. 

; <<>> DiG 9.2.1 <<>> A dffdhfghsqrtzrvbxcvwwc.com.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49597
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 13, ADDITIONAL: 13

;; QUESTION SECTION:
;dffdhfghsqrtzrvbxcvwwc.com.    IN      A

;; ANSWER SECTION:
dffdhfghsqrtzrvbxcvwwc.com. 705 IN      A       64.94.110.11

...