Re: [Exim] Verisign pulls a fast one

Top Page
Delete this message
Reply to this message
Author: Giolla Decair
Date:  
To: exim-users
Subject: Re: [Exim] Verisign pulls a fast one
Sheldon Hearn may one day have said:
> On (2003/09/16 06:50), Justin F. Knotzke wrote:
> > <quote who=Richard Lithvall date=[030916 06:18]/>
> > > The A record must equal 64.94.110.11 for this to be true, any other
> > > (including no A record at all) expands to false.
> > > (Or have i overseen some logic?)
> My concern is for FQDNs that don't have an A record, but do have an MX
> record. This is perfectly legal DNS, although I can't find an example
> to test with.


It shouldn't be an issue as the wildcard record will only take effect
for domains for which there is no other record. If there are MX
records for a FQDN then there willbe NS records for that domain and
verisigns wildcard won't get a look in.

> I'm concerned that your ACL will bugger senders with such domains. :-)


Nah verisign are only breaking non-existant domains, and lots of other
things as a side effect, if the domain exists regardless of what other
records it has then the wild card record won'tmake any difference.

--
Giolla Decair
              "Missed it
               the moment to join in the laugh" - George Marsh