[dns-operations] CloudFlare policy on ANY records changing
paul.hoffman at vpnc.org
Fri Mar 6 18:34:40 UTC 2015
On Mar 6, 2015, at 7:48 AM, Casey Deccio <casey at deccio.net> wrote:
> Be prepared... Less than two years ago a prominent DNS service began denying ANY queries for a previous employer's domain, and some (important) emails were not delivered.
FWIW, this seems to be less important than it was a few years ago. In specific, Cisco Ironport mail gateways had a bug that prevents them from receiving mail from SMTP systems that are configured to do TLS using recent OpenSSL. The bug has been patched for a few months, but some well-known domains (cough cough Dell) still haven't patched, and are losing mail in a way similar to what refusing to do ANY will cause, yet this isn't making the news. The new world doesn't care about mail non-delivery so much...
More information about the dns-operations