Has anyone investigated the operational effects of causing domains with
any abusive MX entries (such as 0.0.0.0 or 127.0.0.1) to fail to verify?
For example, with the usual ignore_target_hosts settings the domain below
will verify OK because one of its MX hosts is valid. Perhaps it would be
better to fail to verify domains like this - though I'm not sure how to
achieve this without patching Exim.
; <<>> DiG 8.3 <<>> mx frognet.net.returnreceipt.com
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61015
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3
;; QUERY SECTION:
;; frognet.net.returnreceipt.com, type = MX, class = IN
;; ANSWER SECTION:
frognet.net.returnreceipt.com. 1d7h28m38s IN MX 5 frognet.net.returnreceipt.com.
frognet.net.returnreceipt.com. 1d7h28m38s IN MX 10 guardpuppy.com.
;; AUTHORITY SECTION:
frognet.net.returnreceipt.com. 1d7h28m38s IN NS guardpuppy.com.
frognet.net.returnreceipt.com. 1d7h28m38s IN NS copa.geek.net.au.
;; ADDITIONAL SECTION:
frognet.net.returnreceipt.com. 1d7h28m38s IN A 0.0.0.0
guardpuppy.com. 1d7h28m38s IN A 193.114.233.33
copa.geek.net.au. 4h10m4s IN A 203.217.18.13
;; Total query time: 21 msec
;; FROM: cyan.csi.cam.ac.uk to SERVER: 127.0.0.1
;; WHEN: Mon May 16 10:53:26 2005
;; MSG SIZE sent: 47 rcvd: 211
Tony.
--
<fanf@???> <dot@???>
http://dotat.at/ ${sg{\N${sg{\
N\}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}\
\N}{([^N]*)(.)(.)(.*)}{\$1\$3\$2\$1\$3\n\$2\$3\$4\$3\n\$3\$2\$4}}