[dns-operations] Why would an MTA issue an ANY query instead of an MX query?
Tony Finch
dot at dotat.at
Mon Jun 11 14:47:20 UTC 2012
Vernon Schryver <vjs at rhyolite.com> wrote:
>
> My hope and almost ambition for the code I've been working on is
> find a default set of parameters response rate limiting parameters
> to reduce the nuisance of open resolvers.
Do you expect the parameters to differ for reflected amplification attacks
on authoritative servers? (which is the case that I care about.)
Have you considered minimal truncated replies as an alternative response
to over-limit clients? The idea being to move legit queries from the
victims onto TCP.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Portland: Variable 3 or 4, becoming northerly or northwesterly 4 or 5,
occasionally 6 in east. Slight or moderate. Occasional rain. Moderate or good,
occasionally poor.
More information about the dns-operations
mailing list