--On Monday, September 15, 2003 22:13:26 -0400 "Tabor J. Wells"
<twells@???> wrote:
> On Tue, Sep 16, 2003 at 01:45:19AM +0100,
> Gary Palmer <gjp@???> is thought to have said:
>
>> I strongly recommend EVERYONE add:
>>
>> 64.94.110.11
>>
>> to the 'ignore_target_hosts' directive on any/all dnslookup routers (in
>> addition to the RFC 1918 entries that are already there, right? :) )
>
> This isn't enough. You'll also need to make sure you have 'require
> verify=sender' to the appropriate ACL as well
Or turn VeriSign into an RBL list via:
deny message = Listed in VeriSign wildcard A records
dnslists = XX.nstld.com=64.94.110.11
Where XX is your favorite VeriSign TLD server (A2, B2, etc. You
can get a list via 'whois nstld.com'.)
-Pat