On Fri, 25 Jul 2014 03:30:19 +0200
Karsten Bräckelmann <guent...@rudersport.de> wrote:

> On Thu, 2014-07-24 at 17:32 -0700, jdebert wrote:
> > Sprint, which I use for net access is hijacking DNS.
> 
> What exactly do you mean hijacking? Routing NXDOMAIN to some sort of
> advertising web-server? Or serious packet-sniffing tampering with
> *any* DNS query crossing their hardware?

Yes. Also disabling DNSSEC, not responding to certain queries, and
modifying responses and queries.

They like to call it "transparent DNS proxying". But it's not
proxying and obviously not transparent.

> 
> > I cannot trust that the response received by sa-update is valid. Is
> > there another method to check for updates?
> 
> If you really cannot trust *.updates.spamassassin.org DNS responses,
> you cannot trust *any* DNS response. Including all the DNSxLs SA uses
> by default. And rDNS rules. And your own SMTP's Received header.

Wow. I never thought of that. :\

> 
> And just in case your problem merely is with using your ISPs DNS
> server, don't. Run your own local, caching DNS resolver
> (non-forwarding).
> 
> Unless we're really talking intercepting raw DNS traffic, that should
> do.
> 
We are.

jd
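The three symptoms jd lists (DNSSEC disabled, queries going unanswered, and responses or queries being modified) can each be checked from the client side without trusting any one resolver. The script below is an added example, written for this page; it is not from the thread, from SpamAssassin, or from sa-update. It builds raw UDP queries with the DNSSEC-OK bit set and compares four replies: one from the ISP resolver, one from a validating resolver you trust, one for a name that cannot exist, and one sent to 192.0.2.1 (TEST-NET-1, where nothing listens on port 53). Any reply from that last address means port 53 is intercepted in transit, which is the case where, as Karsten says, a local non-forwarding resolver does not help either. Assumptions: the two resolver addresses come from the command line; `mirrors.updates.spamassassin.org` is used as the TXT name sa-update consults (the exact label is an assumption); and `build_response` only fabricates sample packets for the offline test, it is not a captured reply.

```python
"""Probe for transparent DNS proxying on the path to a resolver.

Added example (not from the thread or SpamAssassin). Network I/O is in
main(); parse_response() and analyze() are pure so they run offline.
"""
import os
import socket
import struct
import sys

QTYPE_A, QTYPE_TXT = 1, 16


def _encode_name(name):
    return b"".join(bytes([len(l)]) + l.encode() for l in name.rstrip(".").split(".")) + b"\x00"


def build_query(name, qtype, txid):
    """Recursive query (RD=1), one question, one OPT RR with DO=1 so DNSSEC data is requested."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 1)
    question = _encode_name(name) + struct.pack("!HH", qtype, 1)
    opt = b"\x00" + struct.pack("!HHBBHH", 41, 4096, 0, 0, 0x8000, 0)  # root, OPT, UDP size, rcode, ver, DO, rdlen
    return header + question + opt


def _read_name(pkt, off):
    """Decode a possibly compressed name; return (name, offset just after it in the stream)."""
    labels, end, jumps = [], None, 0
    while True:
        l = pkt[off]
        if l & 0xC0 == 0xC0:                                   # compression pointer
            jumps += 1
            if jumps > 16:
                raise ValueError("pointer loop")
            end = off + 2 if end is None else end
            off = struct.unpack("!H", pkt[off:off + 2])[0] & 0x3FFF
            continue
        off += 1
        if l == 0:
            break
        labels.append(pkt[off:off + l].decode())
        off += l
    return ".".join(labels), (off if end is None else end)


def parse_response(pkt):
    """Return txid, RCODE, AD flag and decoded answers (A and TXT decoded, other types raw)."""
    txid, flags, qd, an, _, _ = struct.unpack("!HHHHHH", pkt[:12])
    off = 12
    for _ in range(qd):                                        # skip the echoed question(s)
        _, off = _read_name(pkt, off)
        off += 4
    answers = []
    for _ in range(an):
        name, off = _read_name(pkt, off)
        rtype, _, _, rdlen = struct.unpack("!HHIH", pkt[off:off + 10])
        rdata, off = pkt[off + 10:off + 10 + rdlen], off + 10 + rdlen
        val = (socket.inet_ntoa(rdata) if rtype == QTYPE_A
               else rdata[1:1 + rdata[0]].decode() if rtype == QTYPE_TXT else rdata)
        answers.append((name, rtype, val))
    return {"txid": txid, "rcode": flags & 0xF, "ad": bool(flags & 0x20), "answers": answers}


def build_response(txid, name, qtype, rcode, ad, answers):
    """Constructed reply for offline testing (sample data, not a captured packet)."""
    flags = 0x8180 | (0x20 if ad else 0) | rcode               # QR, RD, RA [, AD], RCODE
    pkt = struct.pack("!HHHHHH", txid, flags, 1, len(answers), 0, 0)
    pkt += _encode_name(name) + struct.pack("!HH", qtype, 1)
    for rtype, value in answers:
        rdata = socket.inet_aton(value) if rtype == QTYPE_A else bytes([len(value)]) + value.encode()
        pkt += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, 300, len(rdata)) + rdata  # name -> question
    return pkt


def analyze(txid, bogus, isp, reference, nxdomain):
    """Compare probe replies; return a list of findings (empty means nothing suspicious)."""
    out = []
    if bogus is not None:                                      # a non-DNS host cannot answer
        out.append("reply from a host running no DNS server: port 53 is intercepted in transit")
    i, r, n = parse_response(isp), parse_response(reference), parse_response(nxdomain)
    for label, p in (("isp", i), ("reference", r), ("nxdomain", n)):
        if p["txid"] != txid:
            out.append(f"{label}: transaction ID changed, reply rewritten or spoofed")
    if r["ad"] and not i["ad"]:
        out.append("AD flag set by reference resolver but missing from ISP reply: DNSSEC stripped")
    if n["rcode"] != 3 and any(t == QTYPE_A for _, t, _ in n["answers"]):
        out.append("nonexistent name answered with A record(s): NXDOMAIN rewriting")
    if {v for _, _, v in i["answers"]} != {v for _, _, v in r["answers"]}:
        out.append("ISP and reference resolver disagree on the answer")
    return out


def ask(server, wire, timeout=2.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(wire, (server, 53))
        try:
            return s.recv(4096)
        except socket.timeout:
            return None


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: dnsprobe.py <isp-resolver-ip> <trusted-validating-resolver-ip>")
    isp_ip, ref_ip = sys.argv[1], sys.argv[2]
    txid = int.from_bytes(os.urandom(2), "big")
    name = "mirrors.updates.spamassassin.org"                  # assumption: TXT name sa-update looks up
    ghost = os.urandom(6).hex() + ".updates.spamassassin.org"  # random label that should not exist
    bogus = ask("192.0.2.1", build_query(name, QTYPE_TXT, txid))  # TEST-NET-1: nothing listens there
    isp, ref = (ask(ip, build_query(name, QTYPE_TXT, txid)) for ip in (isp_ip, ref_ip))
    nx = ask(isp_ip, build_query(ghost, QTYPE_A, txid))
    if None in (isp, ref, nx):
        sys.exit("a resolver did not answer; nothing to compare")
    for line in analyze(txid, bogus, isp, ref, nx) or ["no sign of tampering on this path"]:
        print(line)
```

Run it as `python3 dnsprobe.py <isp-resolver> <trusted-resolver>`. A reply from 192.0.2.1 is the decisive result: it shows the interception is in the network, not in which resolver you picked, so switching resolvers or running a local one over plain UDP/53 changes nothing. The other checks distinguish DNSSEC stripping (AD bit present from the trusted resolver but not from the ISP) from NXDOMAIN rewriting (a random label that resolves to an address) and from outright answer rewriting. A disagreement on A records can be benign for geo-balanced names, which is why the real-name probe uses a TXT record.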

