North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: what happens when you put a typo in a DNSBL server?

  • From: Alexander Harrowell
  • Date: Tue Jan 16 11:54:45 2007
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jd166Gf2/KIlYz5OyhO50aYuEZTg8syvf+MOyN1/wkj5Qu2gp4Asmd3ccZFxj6K0F7GmDMZ1wBYrsmB52Gx3SCPd7rNK8eu5PgElWc49KN4rKbSdHmgFTB6rSSJ93Tul6NO8JQrg4mIWK9CdJ8kroy+Xey4ttt+Du5a+hcGyZUU=

Let's all hope they don't think of the possibilities *too* quickly.

On 1/16/07, Wes Hardaker <wjhns61@xxxxxxxxxxxxx> wrote: 


A number of ISPs use njabl.org as a DNS BL server.  However, starting
jan 2 a new domain exists "njalb.org" which is serving A records for
anything queried against it's DNS server.  (note the difference: njaBL
vs njaLB). Previous to this date a misconfigured ISP was just not
being protected by the BL.  Now, it's potentially dropping all mail
from anyone because of the typo.

# dig +short mail.merit.edu a
198.108.1.11

# dig +short 11.1.108.198.combined.njabl.org

# dig +short 11.1.108.198.combined.njalb.org
64.20.43.107
66.45.232.66
66.45.232.75
66.45.237.187


I know of at least one ISP that is likely dropping mail from
everyone...
--
"In the bathtub of history the truth is harder to hold than the soap,
 and much more difficult to find."  -- Terry Pratchett