Enforce EDNS

Reindl Harald h.reindl at thelounge.net
Tue Feb 7 19:09:59 UTC 2017



On 07.02.2017 at 18:13, Chuck Anderson wrote:
> On Tue, Feb 07, 2017 at 11:59:39AM +1100, Mark Andrews wrote:
>> I really don't want to add new automatic work arounds for broken
>> servers but it requires people being willing to accept that
>> lookups will fail.  That manual work arounds will now have to
>> be done. e.g. "server ... { send-cookie no; };"
>>
>> Servers not answering would EDNS or EDNS + DNS COOKIE would require
>> operator intervention.
>
> Break them.  That's the only way it will eventually get fixed

if things would be that easy....

the admins of the broken servers are the very last which are affected, 
admins with a recent named have to bite the bullet of user terror and 
users typically don't give a damn when it worked yesterday

the admins of the broken server don't give a damn about as long they can 
point their fingers and say "look, the rest of the world has no lookup 
errors"

if it would be that easy the problem of spam would not exist for many 
years while in reality you waste most of our time to write exceptions 
here and there, disable rules or score them lower because you are not in 
the position to educate every admin of sending servers out there

