Re: [vps-mail] VPS sendmail, OpenSSH and BIND versions?



ICANN's statement says they're evaluating the wildcard implementation, and asks Verislime to "voluntarily" suspend the service, but Verislime has yet to do anything.

There are many fundamental tactical axioms in the world. Never fight a war on two fronts. Never get into a land war in Asia. Never attack Russia in the winter. Do not piss NANOG off. Verislime managed to violate the latter, and arguably the most insane, of those :)

What ICANN might do in response is questionable. DoC is reportedly "concerned" by Verislime's actions, coming as they did only a day or so to the new issue of the MoU for ICANN's continuation. How ICANN responds to the matter might be influenced by the MoU a little, we can but hope.

AFAIK:
ISC released a BIND 9 patch; I don't know if sendmail has been patched yet. SpamAssassin does have issues with the wildcarding, if only the scoring for supposedly-defunct RBLs. Whois is unaffected; domain ordering apps used by resellers should only be affected if they use host to check for domain name availability rather than whois.

The whole thing is going to be more of a concern to dial-up providers than hosting providers, methinks. From my perspective, getting sendmail tweaked is going to be somewhat more important from a reseller point of view.

Given that Verislime's "snuffy rejector" (now renamed) doesn't reject with the correct error codes, and then only after from: and rcpt to: have been sent, I'm not sure how things can get fixed to bypass the wildcarding, short of adding a pre-mailing host check step to see if the domain name points to Verislime's wildcarding IP address, and if so, automagically assume a host not found failure and reject before sending. But that has its own issues, not least of which is if Verislime starts switching IPs.

Then again, I'm not a sendmail guru by any stretch of the imagination :)

Kathi

At 04:20 PM 9/20/03 +0200, SikaSpam wrote:
FWIW, Verisign has apparently "decided" or been forced by ICANN[T] to wait on the issue of resolving ALL domain names, whether they exist or not. Most of us don't think it's a good idea, to say the least.

Just a note regarding this. Yesterday I noticed that we are actually receiving bounces with 'host not found' on the bounce message. I'm not sure if that means that the problem is fixed or what.

(top posting seems appropriate here - is it?)

======================================================================
Technical questions regarding this list may be sent to
<vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help
response by sending an email with the word 'help' (w/o quotes) in the
BODY of the message (subject is ignored) to <vps-mail-request@xxxxxxxxxxxx>.
======================================================================
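
The pre-mailing host check suggested in the message above, sketched as an added example (not code from the list or from either poster). Instead of hard-coding the wildcard address, it learns the current one by resolving random, almost certainly unregistered labels under the same TLD, which covers the case where the address is switched. All function names, the fake resolver and its documentation-range addresses are constructed for illustration, and only A records are compared.

```python
import secrets
import socket

def resolve_a(name):
    """IPv4 addresses for name via the system resolver; empty set on failure."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:          # gaierror/herror: NXDOMAIN, SERVFAIL, timeout
        return set()

def wildcard_addresses(tld, resolve=resolve_a, probes=3):
    """Learn what the TLD wildcard currently answers by resolving random
    labels that are almost certainly unregistered. Probing at check time,
    rather than hard-coding an address, keeps working if the address moves."""
    seen = set()
    for _ in range(probes):
        seen |= resolve(f"x{secrets.token_hex(16)}.{tld}")
    return seen

def domain_exists(domain, resolve=resolve_a):
    """False when the domain has no address, or only wildcard addresses."""
    domain = domain.rstrip(".").lower()
    addrs = resolve(domain)
    if not addrs:
        return False
    tld = domain.rsplit(".", 1)[-1]
    return not addrs <= wildcard_addresses(tld, resolve)

def fake_resolver(zone, wildcard):
    """Constructed stand-in for DNS: zone maps names to address sets,
    wildcard maps a TLD to the addresses returned for any unknown name."""
    def resolve(name):
        name = name.rstrip(".").lower()
        if name in zone:
            return set(zone[name])
        return set(wildcard.get(name.rsplit(".", 1)[-1], ()))
    return resolve

if __name__ == "__main__":
    # Constructed data; 192.0.2.0/24 and 198.51.100.0/24 are documentation ranges.
    r = fake_resolver({"real.com": {"198.51.100.7"}}, {"com": {"192.0.2.10"}})
    for d in ("real.com", "no-such-domain.com", "no-such-domain.org"):
        print(d, domain_exists(d, r))
```

A registered domain that is deliberately pointed at the same address as the wildcard would also be reported as nonexistent, so the result is best used as a reason to reject before sending rather than as proof of registration status.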


