This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[dns-wg] DNSSEC breaks qmail

Previous message (by thread): [dns-wg] DNSSEC breaks qmail
Next message (by thread): [dns-wg] DNSSEC breaks qmail

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Lutz Donnerhacke lutz at iks-jena.de
Fri Feb 17 13:02:35 CET 2006

* Roy Arends wrote:
> I can think of non-dnssec responses that are larger than 512 octets, so
> the subject of this message does not cover its content.

Of course. The ANY request for "bofh." does exceed 512 bytes, too. In this
case it's caused by the large number of NS records. DNSSEC "guarantees"
exceeding this limit.

> I am not sure what CNAME has to do with this.

djb might notify this only the case of CNAMEs, because the additional
section becomes be quite long.

> I have seen patches for qmail that make it handle larger udp packet
> sizes.

You have to install them in order to send mail to DNSSEC domains.

> Which service marks a DNS message 'truncated' in your example ?

The questioned nameserver. Setting the TC bit is a requirement from RfC 1035.

Previous message (by thread): [dns-wg] DNSSEC breaks qmail
Next message (by thread): [dns-wg] DNSSEC breaks qmail

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]