On 3 Oct 2012, at 16:26, Wietse Venema wrote:
Bill Cole:
; <<>> DiG 9.9.1-P3 <<>> dfleur.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 41183
How will I reproduce this quickly?
I am not sure. If your resolver is BIND you can make dfleur.com (and as
far as I can tell, nothing else but other spammer domains) yield
SERVFAIL by adding this to the options section of named.conf:
blackhole {
108.161.130.187;
};
Then (after running "rndc reconfig") you can test by trying to send mail
claiming to be from any dfleur.com address, as I did.
I don't have a handy generic way to make a domain fail in this way. It
does require a resolver failure.
