[dns-operations] DNS greylisting?
Sam at ChangeIP.com
Tue Mar 7 20:16:30 UTC 2006
> The idea is to use SYN cookies to whitelist "good" addresses, without
> keeping too much state servers-side. You can use CNAME RRs to
> implement pure UDP-based cookies, by the way. (Riverhead applied for
> a patent on such techniques, IIRC.)
Too many resolvers would break because they never implemented DNS over TCP.
More information about the dns-operations