[dns-operations] DNSSEC and qmail
Lutz Donnerhacke
lutz at iks-jena.de
Thu Oct 8 13:07:58 UTC 2009
* Tony Finch wrote:
> We've just had a report of qmail being unable to deliver mail to our site.
> The cam.ac.uk zone has been signed for a few months, and it seems that
> some of our DNS responses blow out qmail's 512 byte response buffer. Its
> error messsage is "CNAME lookup failed temporarily" but in fact qmail
> actually performs an T_ANY lookup which produces a 1.3KB reply (DO=0).
Very old problem.
news:slrndvb8nb.tr.lutz at taranis.iks-jena.de
http://www.ripe.net/ripe/maillists/archives/dns-wg/2006/msg00019.html
http://www.ripe.net/ripe/maillists/archives/dns-wg/2006/msg00020.html
There is a patch for qmail to increase the buffer size to 4096. This does
not solve the problem, i.e. during key rollovers, but helps in most cases.
More information about the dns-operations
mailing list