https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6338
--- Comment #1 from Mark Martinec <[email protected]> 2010-02-18 00:30:37 UTC --- Updated to: =item dns_options opts (default: empty) Provides a (whitespace or comma -separated) list of options applying to DNS resolving. Available options are 'rotate' and 'dns0x20' (without quotes). Option name may be negated by prepending a 'no' (e.g. 'norotate') to counteract previously enabled option. The last setting in configuration files prevails. By default options 'rotate' and 'dns0x20' are disabled. Option 'rotate' [...] Option 'dns0x20' enables randomization of letters in a DNS query label according to draft-vixie-dnsext-dns0x20, decreasing a chance of collisions of responses (by chance or by a malicious intent) by increasing spread as provided by a 16-bit query ID and up to 16 bits of a port number, with additional bits as encoded by flipping case (upper/lower) of letters in a query. The number of additional random bits corresponds to the number of letters in a query label. Should work reliably with all mainstream DNS servers - do not turn on if you see frequent info messages "dns: no callback for id:" in the log, or if RBL or URIDNS lookups do not work for no apparent reason. trunk: Bug 6338: Use of Bit 0x20 in DNS Labels to Improve Transaction Identity (adds 'dns_options dns0x20', allows negation of dns options, off by default) Sending lib/Mail/SpamAssassin/Conf.pm Sending lib/Mail/SpamAssassin/Dns.pm Sending lib/Mail/SpamAssassin/DnsResolver.pm Transmitting file data ... Committed revision 911235. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
