Much worse is the effect this will have on email - checking for non-existent domains is a good way of blocking spam, and indeed just verifying email addresses. Also, as VeriSign are running a mail server that rejects all messages, old or incorrect MX records which previously be ignored will now cause all email to a domain to be bounced.
Update 1: Ooh! More fun! Any DNS blacklists (again popular for blocking spam) which no longer exist (eg orbs.dorkslayers.com) will now have sprung back into life listing every address on the internet - meaning more false positives in junk mail blockers.
Update 2: Here's a good article written a couple of hours after this started. There is, of course, much discussion on Slashdot, and an article on The Register (with quotes from my boss,
alnitak). VeriSign's posting about it on NANOG can be found here, and there's apparently much backlash to be found there too.Update 3: One other concern this raises is privacy/security - every mis-typed URL or email address that goes to a non-existant .com or .net domain will now hit VeriSign's servers - and their terms and conditions state that they will keep that information - what email addresses you were trying to send to and from, what websites you were trying to visit (including any form parameters, potentially including usernames and passwords). How nice.
Update 4: This doesn't just happen to un-registered domains - it also applies to domains which are paid for and owned by someone who just happens not to have st up any DNS servers for it. Leading to even further dubious legality.
WAY TO BREAK THE INTERNET!!!!!
Needless to say, large numbers of ISPs and the like will be looking to take their domain registration and SSL certificate business elsewhere.
September 16 2003, 03:27:19 UTC 17 years ago
I accept the issues you have referred to wrt spam and dodgy MX records are real ones.
September 16 2003, 03:42:53 UTC 17 years ago