VeriSign Wild Card DNS

19th September 2003 · Internet

Once upon a time there was a difference between a domain name that existed and a domain name that did not exist. It was very simple to find out if a domain existed: you did a DNS lookup on the domain and the DNS server either told you the domain’s IP address(es) or told you that it couldn’t find the domain, i.e. it did not exist.

This was a very useful facility for very many reasons. Aside from simple things like validating data entry forms, one of its main uses was to stop spam from the more clueless spammers (and there are a lot of them around). When receiving e-mail, mail servers (like sendmail, exim, etc.) checked that the domain that the e-mail claimed to be from actually existed. This simple check got rid of large volumes of spam, not all of it, but a large volume nevertheless.

Then VeriSign came along and changed the DNS records for the .com and .net zones. This anti-spam check no longer works and you are likely to receive a lot more spam because of this.

On the 15th of September 2003 VeriSign decided that it would be a good idea to create wild card DNS (or wildcard DNS) records for .com and .net – records which pointed to their own site.
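The sketch below is an added example, not code from any mail server. It shows the sender-domain existence check described above and one way to keep it working when a zone has a wildcard record: learn the wildcard answer by probing random names, then count that answer as "not found". The zone data, the 192.0.2.x addresses and all function names are constructed for illustration, and the check is simplified to an address lookup.

```python
import secrets
import socket

def system_resolver(name):
    """A-record lookup via the OS resolver; an empty set means the name did not resolve."""
    try:
        return set(socket.gethostbyname_ex(name)[2])
    except OSError:
        return set()

def naive_exists(domain, resolve):
    """The original check: any answer at all means the domain exists."""
    return bool(resolve(domain))

def wildcard_addresses(tld, resolve, probes=3):
    """Look up random, almost certainly unregistered names under the TLD.
    Any addresses that come back are the zone's wildcard answer."""
    found = set()
    for _ in range(probes):
        found |= resolve(f"{secrets.token_hex(16)}.{tld}")
    return found

def sender_domain_exists(domain, resolve=system_resolver, cache=None):
    """Existence check that counts a wildcard-only answer as 'not found'."""
    cache = {} if cache is None else cache
    tld = domain.rstrip(".").rsplit(".", 1)[-1].lower()
    if tld not in cache:
        cache[tld] = wildcard_addresses(tld, resolve)
    # A domain whose only answers are the wildcard addresses is treated as nonexistent.
    return bool(resolve(domain) - cache[tld])

# Constructed sample zone: one registered name, and a wildcard for everything else in .com.
REGISTERED = {"example.com": {"192.0.2.10"}}
WILDCARD = {"192.0.2.1"}  # placeholder address from the documentation range

def wildcarded_resolver(name):
    """Stand-in resolver that behaves like a zone with a wildcard record."""
    name = name.rstrip(".").lower()
    if name in REGISTERED:
        return set(REGISTERED[name])
    return set(WILDCARD) if name.endswith(".com") else set()

if __name__ == "__main__":
    for d in ("example.com", "no-such-sender-domain.com"):
        print(d, naive_exists(d, wildcarded_resolver),
              sender_domain_exists(d, wildcarded_resolver))
```

A registered domain that is genuinely hosted at the wildcard address would also be rejected by this filter, so the learned addresses should be reviewed before it is used to refuse mail.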