NordVPN Promotion

Home / Blogs

The .Name Domain Disrupted by Site Finder Patch

The “delegation-only” patch to BIND that was released for Internet Service Providers and others who wanted to block Site Finder service is reported to be disrupting emails to .name emails (that look like ‘[email protected]’). As a result, the Global Name Registry has submitted a letter [PDF] to ICANN stating:

“Due to recent events concerning changes to the DNS operations for .com and .net and the reaction of the community leading to the release of certain workarounds for a specific DNS server package, .name users are experiencing difficulties with the second level email forwarding service for .name. These issues have resulted from the hastily introduced patch to the BIND software, including the so-called ?root-delegation-only? feature. Certain ISPs have implemented this patch, and the incorrect use of this software will impact .name second level email users.”

The letter further states:

“Anyone who configures the .name zone as delegation-only, or fails to exclude .name from their root-delegation-only configuration, is currently blocking email to any address of the type [email protected]. This includes ALL people who have registered their .name email-forwarding address. To be clear, only users of the .name second level email forwarding service are affected by this issue. Domain name service for third level .name addresses is not affected. Global Name Registry is disappointed to see .name customers being caught up in the crossfire between other parties on the Internet and what has perhaps been an emotional rollout of a technical countermeasure to the .com and .net zone change. Even if this issue currently affects only a relatively small number of .name users, we take this loss of service for our users very seriously.”

The operator of the .name webmail services has also posted a complaint to the NANOG mailing list indicating that their services are disrupted by the BIND patch deployed to block VeriSign’s Site Finder.

“We operate webmail services for the .name TLD (MX and DNS resolution are handled by the nic.name people).

After the recent Verisign brouhaha, several of y’all patched their nameservers to stop believing Verisign (so did we).  Just that quite a few of you also seem to have set up your resolvers to do the same thing with other wildcarded TLDs.

.name is a wildcarded TLD and does have legit domains on it.  Right now we are seeing a lot of problems with .name domains being treated as unresolvable thanks to this, and mail from .name users is not getting through as mailservers are configured not to accept mail from unresolvable domains.

I know, .name domains don’t have zones or NS records attached to them - but yes, this is a legit wildcard (kind of like .museum, but this one is for vanity domains).  I’d request DNS admins here to not treat .name as delegation-only.”

Further updates to ISC BIND “delegation-only” Feature can be found here.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

New TLDs

Sponsored byRadix

Brand Protection

Sponsored byCSC

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

NordVPN Promotion