...
On Wednesday, April 6, 2005, 11:54:56 AM, Patrik Nilsson wrote:
At 01:26 2005-04-06 -0700, Jeff Chan wrote:
Raymond, Paul and others, please LART them.
We're not going to blacklist zdnet.
It's not zdnet, it's chkpt.zdnet.com.
Does chkpt.zdnet.com show up in ham?
http://groups-beta.google.com/groups?q=%22chkpt.zdnet.com%22&start=10&am...
Are we still 100% opposed to trying to find a way to include sub-domains in surbls?
Patrik
It's possible to list subdomains, but this one chkpt.zdnet.com would still probably not be appropriate since it probably has legitimate uses. Also subdomains may not be checked by SURBL applications.
Jeff C.
"If it appears in hams, then don't list it."
Discuss mailing list Discuss@lists.surbl.org http://lists.surbl.org/mailman/listinfo/discuss
It is actually worse than a subdomain. If it were a simple "static" name, maybe you could list the IP. But it is a CNAME with a five minute TTL, and it *does* seem to change regularly!
% dig chkpt.zdnet.com any @ns.cnet.com
; <<>> DiG 9.3.0 <<>> chkpt.zdnet.com any @ns.cnet.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18416 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION: ;chkpt.zdnet.com. IN ANY
;; ANSWER SECTION: chkpt.zdnet.com. 300 IN CNAME c10-dw-xw-lb.cnet.com.
;; AUTHORITY SECTION: zdnet.com. 86400 IN NS ns.cnet.com. zdnet.com. 86400 IN NS ns2.cnet.com. zdnet.com. 86400 IN NS ns3.cnet.com.
;; ADDITIONAL SECTION: ns.cnet.com. 86400 IN A 216.239.126.10 ns2.cnet.com. 86400 IN A 206.16.0.71 ns3.cnet.com. 86400 IN A 216.239.120.69
;; Query time: 19 msec ;; SERVER: 216.239.126.10#53(ns.cnet.com) ;; WHEN: Thu Apr 7 07:58:20 2005 ;; MSG SIZE rcvd: 166
% dig c10-dw-xw-lb.cnet.com any @ns.cnet.com
; <<>> DiG 9.3.0 <<>> c10-dw-xw-lb.cnet.com any @ns.cnet.com ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46613 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3
;; QUESTION SECTION: ;c10-dw-xw-lb.cnet.com. IN ANY
;; ANSWER SECTION: c10-dw-xw-lb.cnet.com. 300 IN A 216.239.115.143
;; AUTHORITY SECTION: cnet.com. 86400 IN NS ns.cnet.com. cnet.com. 86400 IN NS ns2.cnet.com. cnet.com. 86400 IN NS ns3.cnet.com.
;; ADDITIONAL SECTION: ns.cnet.com. 86400 IN A 216.239.126.10 ns2.cnet.com. 86400 IN A 206.16.0.71 ns3.cnet.com. 86400 IN A 216.239.120.69
;; Query time: 20 msec ;; SERVER: 216.239.126.10#53(ns.cnet.com) ;; WHEN: Thu Apr 7 07:58:51 2005 ;; MSG SIZE rcvd: 156
Yesterday (or the day before), it pointed at a different IP. I still think the only effective LART is a short message, and forward the problem email to the CNet editors (but maybe someone else can find a person at CNet to listen - I can't).
Meanwhile, If they don't do something soon - I promise when I own cnet.com and zdnet.com, there will not be any redirectors:)
Paul Shupak track@plectere.com