If you ever did a whois on say google.com , miscrosoft.com or yahoo.com you have been most likely been exposed to some obscenity and there is nothing the owners of the named domains can do about it.
This is to say that they or their providers or the dns servers have not been in any way hacked or exploited , responsible for this is a feature (turned into a flaw in the light of this) in whois clients that returns everything within the namespace of the queried domain name.
It did not take long for malicious or plain disgruntled individuals to turn dns spammers by creating a google.com.my.spam.rant.whatever.text.example.com subdomain on their own example.com to spam google whois for example.
As the whois query searches for any entries containing google.com in this case, the subdomain on example.com would be returned too , it is expected behaviour of the program.
Inexplicably unexpected was the exploitation of this , however funny MICROSOFT.COM.SMELLS.SIMPLECODES.COM might look to you , there could have been ways to prevent this being displayed in the whois for microsoft.com
Posted: November 22nd, 2006
Categories:
network
Tags:
dns,
microsoft,
spam
Comments:
1 Comment.
Since aprox Sept 2004 there is a new headache for mail server administrators but it is not sure whatever it has the same effect on spammers , like it was intended to , and it’s name is SPF .
It is part of a set of rules that work for the purpose of stopping spam , and it is claimed that in the future all the mail your server send will be seen as spam if you do not implement SPF into your DNS records
There is a new SPF version out that makes use of microsoft’s proprietary Sender ID , which makes it unimplementable in any GNU software , but the classic SPF implamentation does not and is widely implemented in many opensource infrastructures.
You can use a SPF wizard on http://spf.pobox.com/ to generate your TXT record for spf , then add that record to your existing DNS records , that is if you have the ability to add TXT records to your DNS server .
Once you do that here is a tool to test your domain for SPF compliancehttp://www.dnsstuff.com/pages/spf.htm
Posted: January 2nd, 2005
Categories:
network,
software
Tags:
dns,
mail,
spam,
spf,
whois
Comments:
No Comments.
