Slashdot Mirror


Spammers Upend DNS

Saint Aardvark writes "eWeek reports on the latest trick of spammers: getting around DNS-based lookups. By registering a domain *after* the spam goes out advertising it, they can get around blacklists. However, that causes all sorts of problems for ISPs and anti-spam services. Paul Judge, CTO at Ciphertrust, says 'Even in large enterprises, it's becoming very common to see a large spam load cripple the DNS infrastructure.'"

3 of 304 comments

  1. Re:That's a nice stunt by 2advanced.net · Score: 3, Informative

    You've misunderstood the problem ...

    The domains sending the email exist, but the ones advertised in the email do not. Because SpamCop (et al.) punish not only the sending IP block, but also the advertised host/IP block, spammers are advertising sites that won't exist for a few hours, tricking SpamCop (et al.) into reporting on domains that don't exist and therefore cannot be penalized.

  2. Re:Wanted: DNS geek by marsvin · Score: 3, Informative

    > When a DNS query goes to an ISP's DNS server, and the entry does not exist, does it go to the root servers?

    Yeah, how else would you know it doesn't exist?

    > Secondly, do invalid domain names get cached (I'm thinking not)?

    Nowadays yes, but not for very long (on the order of 5 minutes, usually).

  3. The article is wrong. by mortonda · Score: 3, Informative

    The article is just wrong, and there's a feedback post on the same page that explains why very well. (Although, what's with the stupid formatting?)
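
Added example, not part of the original thread or of any tool named in it: a small Python simulation of the two points made in comments 1 and 2, namely a filter looking up a domain that is advertised before it is registered, and negative answers being cached for about five minutes. The class name, the `resolve` callable, the `offer.example` domain and the timings are assumptions made for illustration; no real DNS traffic is generated.

```python
import time

NEG_TTL = 300  # seconds; "on the order of 5 minutes" as stated in comment 2

class AdvertisedDomainChecker:
    """Checks whether a domain advertised in a message resolves, with caching."""

    def __init__(self, resolve, neg_ttl=NEG_TTL, clock=time.monotonic):
        self.resolve = resolve    # hypothetical callable(domain) -> bool
        self.neg_ttl = neg_ttl
        self.clock = clock
        self.neg_cache = {}       # domain -> time the "does not exist" answer expires
        self.known = set()        # domains seen to exist (kept forever in this sketch)
        self.upstream_queries = 0

    def exists(self, domain):
        domain = domain.lower().rstrip(".")
        if domain in self.known:
            return True
        now = self.clock()
        if now < self.neg_cache.get(domain, float("-inf")):
            return False          # answered from the negative cache
        self.upstream_queries += 1
        if self.resolve(domain):
            self.neg_cache.pop(domain, None)
            self.known.add(domain)
            return True
        self.neg_cache[domain] = now + self.neg_ttl
        return False

def simulate(messages, registered_at, neg_ttl=NEG_TTL):
    """Replay (arrival_second, advertised_domain) pairs against the checker.

    Returns (upstream_queries, messages_seen_as_nonexistent, first_second_resolved).
    """
    now = [0]
    checker = AdvertisedDomainChecker(
        resolve=lambda d: now[0] >= registered_at,  # stand-in for a DNS lookup
        neg_ttl=neg_ttl, clock=lambda: now[0])
    unresolved, first_seen = 0, None
    for t, domain in messages:
        now[0] = t
        if checker.exists(domain):
            first_seen = t if first_seen is None else first_seen
        else:
            unresolved += 1
    return checker.upstream_queries, unresolved, first_seen

# Constructed sample: one message per second for 15 minutes, all advertising
# the same domain, which only gets registered 400 s after the run starts.
SAMPLE = [(t, "offer.example") for t in range(900)]
```

On this constructed input the five-minute negative cache cuts upstream lookups from 401 to 3, but the checker keeps treating the domain as nonexistent until second 600, that is 200 seconds after it was registered.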