Re: [SAtalk] RD - Here is a rule to check for Verisign redirect domain

Chris Trudeau Wed, 17 Sep 2003 07:28:48 -0700

this IS good, but now go and update the address:

> sitefinder.verisign.com
Server:         127.0.0.1
Address:        127.0.0.1#53


Non-authoritative answer:
Name:   sitefinder.verisign.com
Address: 12.158.80.10


CT


----- Original Message ----- 
From: "Daniel Quinlan" <[EMAIL PROTECTED]>
To: "Fred" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, September 17, 2003 2:22 AM
Subject: Re: [SAtalk] RD - Here is a rule to check for Verisign redirect
domain


> "Fred" <[EMAIL PROTECTED]> writes:
>
> > Here's a quick rule I just made in response to Verisign's actions.
> >
> >
> > header  __DNS_SITEFINDER eval:check_rbl_from_host('sitefinder', '.')
> > tflags  __DNS_SITEFINDER net
> > header  SITEFINDER_IP  eval:check_rbl_sub('sitefinder', '64.94.110.11')
> > describe SITEFINDER_IP  From: resolves to a verisign hijacked domain.
> > score  SITEFINDER_IP  1.5
>
> Ah, abuse of the DNS code, I like it!
>
> Daniel
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Spamassassin-talk mailing list
> [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/spamassassin-talk



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk

Re: [SAtalk] RD - Here is a rule to check for Verisign redirect domain

Reply via email to