On Fri, 2004-09-03 at 14:32, Andrew Newton wrote:
From the discussion on prefixes for the DNS record, there seems to have
been no discernible outcome regarding the use of prefixes for the
purposes of avoiding collisions with other DNS records (thus avoiding
fallback to DNS over TCP).
I suspect that I missed some of the comments on this possibly earlier,
as I only recently was able to get to this list. (I thought that perhaps
my developers were on it, but it turns out that they aren't, I think.)
Anyhow, here's my thoughts:
Any requirement (or even expectation) of DNS over TCP will probably
kill widespread adoption of Sender ID, as DNS over TCP does not work
over a large number of networks. Either it's blocked at a firewall, or
it's disabled on the DNS server.
If we use a record in domain.tld, we have a higher chance of collision
with some other record than if we use _senders (or some other prefix).
Granted, wildcards are a problem, but they're not really significant,
because obviously the admins who enable wildcards expect spurious DNS
hits and are willing to accept that strange things might happen. Also,
whether I get a collision (or too large of a DNS reply) from querying
*.domain.tld, or domain.tld, it makes no difference to me. The only
thing about using a prefix is that I get to choose to avoid that
collision.
I don't think it's a huge issue -- what are sysadmins currently using
TXT records in domain.tld for, and how many of them also have wildcards
enabled? I don't know of an extensive number of uses of those things
combined.
Personally, as a sysadmin, potential implementor, and the fellow who
will have to deal with any angry customers, I'd probably prefer having a
prefix, as I suspect that it will clear up more problems that it will
create.
--
Maxwell Kanat-Alexander
2nd Level Tech Support Engineer, USA
Kerio Technologies, Inc.
2041 Mission College Blvd. Suite 100
Santa Clara, CA 95054
Phone: (408) 496-4500
Fax: (408) 496-6902
Web: http://www.kerio.com/support.html