[31592] in bugtraq
Re: Permitting recursion can allow spammers to steal name server
daemon@ATHENA.MIT.EDU (Devin Nate)
Mon Sep 15 12:10:03 2003
Message-ID: <3F63DD4F.2080001@bridgecomm.net>
Date: Sat, 13 Sep 2003 21:15:27 -0600
From: Devin Nate <devin.nate@bridgecomm.net>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
In-Reply-To: <3F5E9202.5030004@chrisbrenton.org>
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms010307080208090601090900"
--------------ms010307080208090601090900
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Nice work Chris & Team;
For folks that want to check if an email sender domain is being served
by an authoritative nameserver, don't have sendmail, and have
SpamAssassin, I've submitted patches to the SpamAssassin project to add
this check.
For those interested in adding this, the SA bug link is:
http://bugzilla.spamassassin.org/show_bug.cgi?id=2432
Thanks,
Devin Nate
--
____________________________________________________________
Devin Nate
Chief Consultant & General Manager
BridgeComm Corporation
http://www.bridgecomm.net/
mailto:devin.nate@bridgecomm.net
____________________________________________________________
--------------ms010307080208090601090900
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIINsjCC
AzAwggKZoAMCAQICEEVOtR//+dmew8mD2Rg6BSMwDQYJKoZIhvcNAQEEBQAwXzELMAkGA1UE
BhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1Ymxp
YyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTAyMDEyMjAwMDAwMFoXDTA3
MDEyMTIzNTk1OVowgasxEDAOBgNVBAoTB1NvbHRydXMxHzAdBgNVBAsTFlZlcmlTaWduIFRy
dXN0IE5ldHdvcmsxOjA4BgNVBAsTMVRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy5zb2x0
cnVzLmNvbS9ycGEgKGMpMDIxOjA4BgNVBAMTMVNvbHRydXMgQ2xhc3MgMSBDb25zdW1lciBJ
bmRpdmlkdWFsIFN1YnNjcmliZXIgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALya
9gOP5kh2Q3dYK1Od5d5XQlHagiBlzbVC+29v/536GRg/k5j4RgTI1VwtubaWAsDDxfwF2oJ4
i7f5eK5TU45OsTLdU+sUEhwzbfhGcMomUDcI/8H0kIYuMubUtqZdUdlOqP6ryhzt6kR3IrUO
ZgoAEXWP/N7/8f/inJnFJtjzAgMBAAGjgZ8wgZwwDwYDVR0TBAgwBgEB/wIBADBDBgNVHSAE
PDA6MDgGC2CGSAGG+EUBBxcBMCkwJwYIKwYBBQUHAgEWG2h0dHBzOi8vd3d3LnNvbHRydXMu
Y29tL3JwYTALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMCQGA1UdEQQdMBukGTAX
MRUwEwYDVQQDEwxDbGFzczEtMi0xLTUwDQYJKoZIhvcNAQEEBQADgYEAY9IbtunUqR6fHr7e
jiJqsFbOGpK2xfMep2NtxHtDU31kDdOMrYlFlvQnTeVgEWffPcFbeorNa5TMDPe7G9/8n4x/
/ROXFgdtu7UJcKHhfEQax2RIZXL0yKSsq+bTtKaWvviyub/WGficsnwG/I0zd1EkLYcK+PcS
0DdIGrs94l0wggU7MIIEpKADAgECAhAqiljjVxXRjCzCkZ5kSdSuMA0GCSqGSIb3DQEBBAUA
MIGrMRAwDgYDVQQKEwdTb2x0cnVzMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3Jr
MTowOAYDVQQLEzFUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cuc29sdHJ1cy5jb20vcnBh
IChjKTAyMTowOAYDVQQDEzFTb2x0cnVzIENsYXNzIDEgQ29uc3VtZXIgSW5kaXZpZHVhbCBT
dWJzY3JpYmVyIENBMB4XDTAzMDkwNzAwMDAwMFoXDTA0MDkwNjIzNTk1OVowggE+MRAwDgYD
VQQKFAdTb2x0cnVzMSgwJgYDVQQLFB9Db25zdW1lciBTZXJ2aWNlIENlbnRlciBDbGFzcyAx
MTIwMAYDVQQLEylUZXJtcyBvZiB1c2UgYXQgd3d3LnNvbHRydXMuY29tL3JwYSAoYykwMjEn
MCUGA1UECxMeQXV0aGVudGljYXRlZCBieSBTb2x0cnVzLCBJbmMuMScwJQYDVQQLEx5NZW1i
ZXIsIFZlcmlTaWduIFRydXN0IE5ldHdvcmsxHjAcBgNVBAsTFVBlcnNvbmEgTm90IFZhbGlk
YXRlZDEbMBkGA1UECxMSRGlnaXRhbCBJRCBDbGFzcyAxMRMwEQYDVQQDEwpEZXZpbiBOYXRl
MSgwJgYJKoZIhvcNAQkBFhlkZXZpbi5uYXRlQGJyaWRnZWNvbW0ubmV0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruTVQuOzI9Ln0rI3hSSPhDS1yWnP4zmAlDvFNepR6f6P
1r++XmuSnmbmK8DOZJvMxXngm17Fpr5/wTofX7OLZmBlNuQlW4l3WhHCPbm07wS/y6v11axO
hRrvO4/z5R4FXxSwOvXSUKRDq+VpyTQiZsI9AVSwfx1/YJBSwlmr+zfqc85k9qhTLcW2M+d2
Xsmr32PRNscCf51+jDx/wIlCn9RzTRab2zrcuJ2KItBvHsIGoMrHb8ssRCSIK0lwMbsxBPyb
qIfLzX70zGiOQSeequmV9CxKEctoCFAcPaClkcGQCCxVZHVQhwvbhtd0N8mP7eJBTjXs2tWl
nS0A0lOgKwIDAQABo4IBRDCCAUAwCQYDVR0TBAIwADBeBgNVHR8EVzBVMFOgUaBPhk1odHRw
Oi8vb25zaXRlY3JsLnNvbHRydXMuY29tL1NvbHRydXNDb25zdW1lclNlcnZpY2VDZW50ZXJD
bGFzczEvTGF0ZXN0Q1JMLmNybDCBrAYDVR0gBIGkMIGhMIGeBgtghkgBhvhFAQcBATCBjjAo
BggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzBiBggrBgEFBQcCAjBW
MBUWDlZlcmlTaWduLCBJbmMuMAMCAQEaPVZlcmlTaWduJ3MgQ1BTIGluY29ycC4gYnkgcmVm
ZXJlbmNlIGxpYWIuIGx0ZC4gKGMpOTcgVmVyaVNpZ24wEQYJYIZIAYb4QgEBBAQDAgeAMBEG
CmCGSAGG+EUBBgkEAwEB/zANBgkqhkiG9w0BAQQFAAOBgQAcnhWC7qXVhOBA7n+/Flemhdg8
+qxnGa6gHyMvXeKcWIOmw3nWCJftWIckVw7hWTzzQQmHhuMPDhJ6R8P5HyItQE595WIzL5M5
cNs/iA2TsOQaN6TTR3l+qS3HM9okTG06KY0UNjg8M7sevb3V+u6gVh31UiS/5a+fRO75rQuj
8DCCBTswggSkoAMCAQICECqKWONXFdGMLMKRnmRJ1K4wDQYJKoZIhvcNAQEEBQAwgasxEDAO
BgNVBAoTB1NvbHRydXMxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNV
BAsTMVRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy5zb2x0cnVzLmNvbS9ycGEgKGMpMDIx
OjA4BgNVBAMTMVNvbHRydXMgQ2xhc3MgMSBDb25zdW1lciBJbmRpdmlkdWFsIFN1YnNjcmli
ZXIgQ0EwHhcNMDMwOTA3MDAwMDAwWhcNMDQwOTA2MjM1OTU5WjCCAT4xEDAOBgNVBAoUB1Nv
bHRydXMxKDAmBgNVBAsUH0NvbnN1bWVyIFNlcnZpY2UgQ2VudGVyIENsYXNzIDExMjAwBgNV
BAsTKVRlcm1zIG9mIHVzZSBhdCB3d3cuc29sdHJ1cy5jb20vcnBhIChjKTAyMScwJQYDVQQL
Ex5BdXRoZW50aWNhdGVkIGJ5IFNvbHRydXMsIEluYy4xJzAlBgNVBAsTHk1lbWJlciwgVmVy
aVNpZ24gVHJ1c3QgTmV0d29yazEeMBwGA1UECxMVUGVyc29uYSBOb3QgVmFsaWRhdGVkMRsw
GQYDVQQLExJEaWdpdGFsIElEIENsYXNzIDExEzARBgNVBAMTCkRldmluIE5hdGUxKDAmBgkq
hkiG9w0BCQEWGWRldmluLm5hdGVAYnJpZGdlY29tbS5uZXQwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCu5NVC47Mj0ufSsjeFJI+ENLXJac/jOYCUO8U16lHp/o/Wv75ea5Ke
ZuYrwM5km8zFeeCbXsWmvn/BOh9fs4tmYGU25CVbiXdaEcI9ubTvBL/Lq/XVrE6FGu87j/Pl
HgVfFLA69dJQpEOr5WnJNCJmwj0BVLB/HX9gkFLCWav7N+pzzmT2qFMtxbYz53ZeyavfY9E2
xwJ/nX6MPH/AiUKf1HNNFpvbOty4nYoi0G8ewgagysdvyyxEJIgrSXAxuzEE/Juoh8vNfvTM
aI5BJ56q6ZX0LEoRy2gIUBw9oKWRwZAILFVkdVCHC9uG13Q3yY/t4kFONeza1aWdLQDSU6Ar
AgMBAAGjggFEMIIBQDAJBgNVHRMEAjAAMF4GA1UdHwRXMFUwU6BRoE+GTWh0dHA6Ly9vbnNp
dGVjcmwuc29sdHJ1cy5jb20vU29sdHJ1c0NvbnN1bWVyU2VydmljZUNlbnRlckNsYXNzMS9M
YXRlc3RDUkwuY3JsMIGsBgNVHSAEgaQwgaEwgZ4GC2CGSAGG+EUBBwEBMIGOMCgGCCsGAQUF
BwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vQ1BTMGIGCCsGAQUFBwICMFYwFRYOVmVy
aVNpZ24sIEluYy4wAwIBARo9VmVyaVNpZ24ncyBDUFMgaW5jb3JwLiBieSByZWZlcmVuY2Ug
bGlhYi4gbHRkLiAoYyk5NyBWZXJpU2lnbjARBglghkgBhvhCAQEEBAMCB4AwEQYKYIZIAYb4
RQEGCQQDAQH/MA0GCSqGSIb3DQEBBAUAA4GBAByeFYLupdWE4EDuf78WV6aF2Dz6rGcZrqAf
Iy9d4pxYg6bDedYIl+1YhyRXDuFZPPNBCYeG4w8OEnpHw/kfIi1ATn3lYjMvkzlw2z+IDZOw
5Bo3pNNHeX6pLccz2iRMbTopjRQ2ODwzux69vdX67qBWHfVSJL/lr59E7vmtC6PwMYIERzCC
BEMCAQEwgcAwgasxEDAOBgNVBAoTB1NvbHRydXMxHzAdBgNVBAsTFlZlcmlTaWduIFRydXN0
IE5ldHdvcmsxOjA4BgNVBAsTMVRlcm1zIG9mIHVzZSBhdCBodHRwczovL3d3dy5zb2x0cnVz
LmNvbS9ycGEgKGMpMDIxOjA4BgNVBAMTMVNvbHRydXMgQ2xhc3MgMSBDb25zdW1lciBJbmRp
dmlkdWFsIFN1YnNjcmliZXIgQ0ECECqKWONXFdGMLMKRnmRJ1K4wCQYFKw4DAhoFAKCCAlsw
GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDMwOTE0MDMxNTI3
WjAjBgkqhkiG9w0BCQQxFgQUinkdA8VYcAr8fr+O9tN2AkhNLwcwUgYJKoZIhvcNAQkPMUUw
QzAKBggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcw
DQYIKoZIhvcNAwICASgwgdEGCSsGAQQBgjcQBDGBwzCBwDCBqzEQMA4GA1UEChMHU29sdHJ1
czEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazE6MDgGA1UECxMxVGVybXMgb2Yg
dXNlIGF0IGh0dHBzOi8vd3d3LnNvbHRydXMuY29tL3JwYSAoYykwMjE6MDgGA1UEAxMxU29s
dHJ1cyBDbGFzcyAxIENvbnN1bWVyIEluZGl2aWR1YWwgU3Vic2NyaWJlciBDQQIQKopY41cV
0YwswpGeZEnUrjCB0wYLKoZIhvcNAQkQAgsxgcOggcAwgasxEDAOBgNVBAoTB1NvbHRydXMx
HzAdBgNVBAsTFlZlcmlTaWduIFRydXN0IE5ldHdvcmsxOjA4BgNVBAsTMVRlcm1zIG9mIHVz
ZSBhdCBodHRwczovL3d3dy5zb2x0cnVzLmNvbS9ycGEgKGMpMDIxOjA4BgNVBAMTMVNvbHRy
dXMgQ2xhc3MgMSBDb25zdW1lciBJbmRpdmlkdWFsIFN1YnNjcmliZXIgQ0ECECqKWONXFdGM
LMKRnmRJ1K4wDQYJKoZIhvcNAQEBBQAEggEAjKaLC3OH7RDcaKX36NyNhXVXK0G/z5gu8vaV
y9pr5RwbxaSrlKUh3Bqks11XYLESlsaW+N2yT19iI0uthNAgz/Kk0Jc14ydsH12tTJGgUJHE
eeAx0O+ibtUqi+NaOZe4ivUe+/vJP04QvWZuOXrplx6Tc5ecC3QBvuY83mGz+LDGpffQj0dV
G+vkcg3e5zB+sl1iuqIMCXMxO31gTBe53YFWE6OM+nXV+6VyKDdAzPfLxSpmTQnEiTN1GFEZ
upbI7F8VKwOhoSQIrmFwXSlg/eipeVdLXeup3Trr9hsEcC6xdDITTD3uCKG26tM9XN7qo0IM
V0IxJLg20iJPzB1regAAAAAAAA==
--------------ms010307080208090601090900--
