Re: [Exim] Verisign pulls a fast one

Top Page
Delete this message
Reply to this message
Author: Matthew Byng-Maddick
Date:  
To: Exim Users Mailing List
Subject: Re: [Exim] Verisign pulls a fast one
On Tue, Sep 16, 2003 at 01:30:07PM +0200, Sheldon Hearn wrote:
> On (2003/09/16 06:50), Justin F. Knotzke wrote:
> > <quote who=Richard Lithvall date=[030916 06:18]/>
> > > The A record must equal 64.94.110.11 for this to be true, any other
> > > (including no A record at all) expands to false.
> > > (Or have i overseen some logic?)
> My concern is for FQDNs that don't have an A record, but do have an MX
> record. This is perfectly legal DNS, although I can't find an example
> to test with.
> I'm concerned that your ACL will bugger senders with such domains. :-)


I don't see why? The gtld servers will have an NS entry, and will answer
every query to them with an NS record (if the domain exists), or an A
record (if it doesn't). If there is a domain with just an MX, veryslime
won't be using their wildcard entry, they'll be giving you an NS answer.

So your MX will work, but your A record will give NXDOMAIN as expected.

Or am I missing some part of what you're saying?

MBM

--
Matthew Byng-Maddick         <mbm@???>           http://colondot.net/