https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6338
--- Comment #6 from Mark Martinec <[email protected]> 2010-03-01 19:50:02 UTC --- Now that I think of it, even the current (3.2, 3.3) code relies on a query section of a reply packet matching exactly the query packet. This happens to work on all mainstream DNS servers, but there is no guarantee for this in a form of a RFC requirement. In essence, we are already depending on poor-man's form of a dns0x20, just without any additional entropy. The 'dns_options dns0x20' could just as well default to true, without breaking anything that isn't already broken. Does anybody feel we need to lift the requirement for an exact (case-for-case) match when dns0x20 option is NOT enabled? Some poor soul on a cheap home router/firewall/dns-server may be affected by this without knowing why his SA DNS queries sometimes fail. -- Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug.
