ietf-mxcomp
[Top] [All Lists]

Re: A 30% solution

2004-05-14 09:31:03

On 5/13/04 at 11:36 PM -0500, wayne wrote:

From the BIND9 documentation:

    Note: The rrset-order statement is not yet implemented in BIND
    9. BIND 9 currently supports only a "random-cyclic" ordering,
    where the server randomly chooses a starting point within the
    RRset and returns the records in order starting at that point,
    wrapping around the end of the RRset if necessary.

(*Mumble*)

Well, as was said earlier, the place where this makes a difference in my straw man is that if the receiving side uses the short circuit method, and the sending side has conflicting records in the DNS (a state of affairs that shouldn't happen anyway), the receiving side might get two different answers depending on what they get back first. I'm not overly concerned about that case, but your mileage may vary.

So, example.com has:

example.com. MX smtp.example.com.
smtp.example.com. A 1.2.3.4
example.com. MX secondary.example.net.

and under the control of example.net:
secondary.example.net. A 5.6.7.8

Now, even if you add the complement-set operator, you can't easily express the set of illegitimate IP address since !smtp.example.com includes the IP address of secondary.example.net and vice versa. More over, example.com may have no idea when example.net changes the IP address for secondary.example.net.

This I don't understand. Why can't example.com list secondary.example.net in its MARID record? It was perfectly capable of listing it in its MX.

There is no problem using secondary.example.net to describe the Legitimate set (L). However, it is useless when trying to describe the Illegitimate set (I).

Are you saying that it's going to be hard to come up with a syntax for "everything except smtp.example.com and secondary.example.net"?

pr
--
Pete Resnick <http://www.qualcomm.com/~presnick/>
QUALCOMM Incorporated - Direct phone: (858)651-4478, Fax: (858)651-1102


<Prev in Thread] Current Thread [Next in Thread>