From owner-freebsd-isp@FreeBSD.ORG  Wed Sep 17 14:39:42 2003
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2296416A4B3
	for <freebsd-isp@freebsd.org>; Wed, 17 Sep 2003 14:39:42 -0700 (PDT)
Received: from relay.transip.nl (relay.transip.nl [80.69.66.68])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EBFB543FDF
	for <freebsd-isp@freebsd.org>; Wed, 17 Sep 2003 14:39:40 -0700 (PDT)
	(envelope-from freebsd@walter.transip.nl)
Received: from blue.calx.nl (blue.calx.nl [213.84.201.224])
	by relay.transip.nl (Postfix) with ESMTP id 7F748270
	for <freebsd-isp@freebsd.org>; Wed, 17 Sep 2003 23:39:38 +0200 (CEST)
Received: from kai.calx.nl (kai.calx.nl [172.23.7.10])
	by blue.calx.nl (Postfix) with ESMTP id 21161A931
	for <freebsd-isp@freebsd.org>; Wed, 17 Sep 2003 23:39:39 +0200 (CEST)
Date: Wed, 17 Sep 2003 23:39:59 +0200
From: Walter Hop <freebsd@walter.transip.nl>
X-Mailer: The Bat! (v1.62r) Educational
X-Priority: 3 (Normal)
Message-ID: <48322287.20030917233959@blue.calx.nl>
To: freebsd-isp@freebsd.org
In-Reply-To: <87znh3o3p2.fsf@gray.impulse.net>
References: <20030917081828.GC43577@mccaffrey.house.so14k.com>
 <87znh3o3p2.fsf@gray.impulse.net>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re[2]: Verisign fun.
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Sep 2003 21:39:42 -0000

[in reply to secabeen@pobox.com, 17-9-2003]

>> I don't know about you guys but the verisign redirecting all
>> unregistered .com/.net domains is annoying. Someone pointed this out to
>> me.
>>
>> http://achurch.org/bind-verisign-patch.html
>
> If you want to do something like this, here's the official ISC patch:
>
> http://www.isc.org/products/BIND/delegation-only.html

If you do this patch, test it carefully. I have had serious resolution
problems with the patch on FreeBSD 4.8, and somebody else on bind9-users
with Solaris had the same.

Unless you host applications or networks that break, I would suggest
waiting a few days to see if an updated version becomes available.

I am nullrouting the IP addresses of Verisign's spam webservers for now.

cheers,
walter

-- 
We have met the enemy, and he is us.