Re: VeriSign SMTP reject server updated
Wrong protocol. There should be *NO* SMTP transactions for non-existent domains.
After being bit by this over the weekend I would have to agree. Due to a screwup at netSOL, a company's domain I manage was resolving to their sitefinder service, and all mail just went *poof*.
At any time, Verisign could remove your .COM domain from their DNS for a short period of time which would result in all of your inbound email going to the Verisign collector servers. If this was only done for a brief interval, say 10 minutes, you might never notice that it had happened. But Verisign's industrial espionage department would have your email in their hands and could do whatever they wish with it. How profitable might that be?

Of course, the right way to do this would be to resend the email onward so that you never notice any missing messages at all. In fact, if I were designing the system to do this, I wouldn't log anything at the mailserver. I'd let the mail server and web server technical folks have plausible deniability. Meanwhile, I would have diverted a copy of the mailserver communications at the Ethernet switch to a secret server that does the actual logging of addresses and messages.

Son of Carnivore?

--Michael Dillon
On Mon, 22 Sep 2003 10:42:51 +0100 Michael.Dillon@radianz.com wrote:

| Meanwhile, I would have diverted a copy of the mailserver
| communications at the Ethernet switch to a secret server that
| does the actual logging of addresses and messages.
|
| Son of Carnivore?

Son? or Brother? See:
http://lists.insecure.org/lists/politech/2002/Oct/0009.html

--
Richard
Participants (2): Michael.Dillon@radianz.com, Richard Cox