On Mon 14/Jan/2019 16:25:30 +0100 John R Levine wrote:
What sort of TXT does that dnsbl serve? Zen.spamhaus.org returns just A
records whether I ask for A or for ANY. If I ask for TXT, they return http
URLs that I could have synthesized myself from their A's. So, yes, a server
who asks ANY or TXT to spamhaus is poorly coded/configured.
The same kind of synthesized ones that spamhaus does, because they both use
BTW, do you know if rbldnsd provides some options to respond to ANY? I see
that bind has a "minimal-any" option to limit the response to one RRset (but
cannot find anything to respond HINFO.)
If you want A records, ask for A records. If you want TXT records, ask for
records. If you want both, ask for one and then the other, which is what my
DNSBL client does.
Isn't that wasteful? What do you mean by "and then the other", does your
client wait for a positive response to A before querying TXT? That doubles the
time, doesn't it? Why not fire both queries at the same time?
Anyway, it's worth spelling it out.
If you want unreliable junk, ask for ANY.
Got it! Let me quote rfc6762, in case someone else read this thread. Although
rfc6762 specifies mDNS, the following paragraphs are for regular DNS:
A common misconception is that a Unicast DNS query for qtype "ANY"
will elicit a response containing all matching records. This is
incorrect. If there are any records that match the query, the
response is required only to contain at least one of them, not
necessarily all of them.
This somewhat surprising behavior is commonly seen with caching
(i.e., "recursive") name servers. If a caching server receives a
qtype "ANY" query for which it has at least one valid answer, it is
allowed to return only those matching answers it happens to have
already in its cache, and it is not required to reconsult the
authoritative name server to check if there are any more records that
also match the qtype "ANY" query.
ietf-smtp mailing list