Bind allowing localhost maps

Barry Margolin barmar at
Fri Mar 10 22:45:24 UTC 2000

In article <200003102210.PAA27171 at refuge.Colorado.EDU>,
Robert Weber  <Robert.Weber at Colorado.EDU> wrote:
>This is a report I got from our campus spamcop.  It I verified I can do
>this with bind 8.2.2p5 by CNAME'ing my machine to localhost.  The domain
>is rejected as authoritive BUT it still resolves making a clever hole
>for spamers.  Can this be looked into so bind will stop functioning when
>such a resoultion to localhost or is made?

At the DNS level there's nothing wrong with this.  It's not BIND's job to
protect sendmail.

I'm not sure what "clever hole for spammers" you're talking about.  There
are plenty of ways for spammers to create bogus return addresses.  If they
don't MX it to localhost, they can MX it to some real server that won't
accept it.  Either way, you can't reply to them.

>------- Forwarded Message
>Return-Path: hugger at Colorado.EDU
>Date: Fri, 10 Mar 2000 13:59:58 -0700
>From: Phil Hugger <hugger at Colorado.EDU>
>Those wiley spammers are getting pretty inventive.
>>    ----- Transcript of session follows -----
>> 554 MX list for points back to boulder.Colorado.EDU
>> 554 <dsmith at>... Local configuration error
>Oh, really?
>~>nslookup -q=mx
>Server:  boulder.Colorado.EDU
>Non-authoritative answer:
>    preference = 5, mail exchanger = localhost
>> Subject: Fw:  really works!  
>> This is not SPAM. This e-mail has been sent to you in opt
>> in subscribers news service.
>- -Phil
>------- End of Forwarded Message

Barry Margolin, barmar at
GTE Internetworking, Powered by BBN, Burlington, MA
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list