| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Mike Mascari <mascarm(at)mascari(dot)com> |
| Cc: | "Nigel J(dot) Andrews" <nandrews(at)investsystems(dot)co(dot)uk>, Nikola Milutinovic <Nikola(dot)Milutinovic(at)ev(dot)co(dot)yu>, Tomcat Users List <tomcat-user(at)jakarta(dot)apache(dot)org>, pgsql-general(at)postgresql(dot)org, info-cyrus(at)lists(dot)andrew(dot)cmu(dot)edu, cyrus-sasl(at)lists(dot)andrew(dot)cmu(dot)edu, amavis-user(at)lists(dot)sourceforge(dot)net |
| Subject: | Re: OT: HEADS-UP: viral storm out there |
| Date: | 2003-09-19 23:42:04 |
| Message-ID: | 12274.1064014924@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Mike Mascari <mascarm(at)mascari(dot)com> writes:
> In keeping with being off topic, how do people feel about Verisign
> wild-carding the .com and .net domain names so any miskeys
> (www.someunregistereddomain.com) resolve to sitefinder.verisign.com.
They'll be first against the wall when the revolution comes. I suggest
voting with your feet: if you still have any domains registered via
Network Solutions, reregister them elsewhere, immediately.
> It is my understanding that sendmail's default configuration rejects
> mail whose envelope contains an unregistered domain name, and now that
> line of defense (as small as it is) has been rendered useless.
Yeah. The latest version of BIND is able to reject verisign's bogus
redirections and maintain the proper behavior. I installed it about
thirty hours ago, and I've already rejected 270 spams that would have
gotten through (that particular line of defense anyway) without the
fix. I think a lot of them were this newest worm though, as normally
the reject rate is a lot lower.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Manfred Koizar | 2003-09-19 23:43:59 | Re: State of Beta 2 |
| Previous Message | Tom Lane | 2003-09-19 22:51:00 | Re: State of Beta 2 |