https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6862

--- Comment #5 from Mark Martinec <[email protected]> ---
Just some tweaks for the record:

r1446278 | mmartinec | 2013-02-14 18:28:05 +0100 (Thu, 14 Feb 2013) | 9 lines
- change description of a dns_options EDNS option, add alias EDNS0
- ignore trailing dot in a domain name which sometimes still creeps in
- change word 'response' -> 'reply' in DNS debugging messages (RFC 1035)
- test for truncated DNS reply, issue an info-level warning
- debugging: trying to track down a bug in Net::DNS which can
  return a DNS packet with an empty question section


The current description of the 'dns_options EDNS' option is:


=item dns_options opts ...
[...]
Option 'edns' (or 'edns0') may take a value which specifies a requestor's
acceptable UDP payload size according to EDNS0 specifications (RFC 2671bis
draft), e.g. edns=4096. In absence of an 'edns' option a traditional implied
UDP payload size is 512 bytes. When the option is specified but a value
is not provided, a conservative default of 1240 bytes is implied. It is
recommended to enable 'edns' when using a local recursive DNS server which
supports EDNS0 (like most modern DNS servers do), a suitable setting in
this case is edns=4096. Allowing packets larger than 512 bytes can avoid
truncation of answer resource records in large DNS responses (like in TXT
records of some SPF and DKIM responses, or when an unreasonable number of
A records is published by some domain). The option should remain disabled
when a recursive DNS server is only reachable through some old-fashioned
firewall which bans DNS UDP packets larger than 512 bytes. A suitable value
when a non-local recursive DNS server is used and a firewall allows EDNS0
but blocks fragmented IP packets is perhaps 1240 bytes, allowing a DNS UDP
packet to fit within a single IP packet in most cases.

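The payload-size rules in the description above and the reply checks named in the commit log can be seen at the DNS wire level. The following is an added example, not part of the original comment and not SpamAssassin code. The function names are hypothetical, and it assumes option names are matched case-insensitively and that an OPT record is sent only when the advertised size exceeds 512 bytes.

```python
import struct

def edns_payload_size(dns_options):
    """UDP payload size implied by a dns_options string, per the description."""
    size = 512                                    # no 'edns': traditional limit
    for opt in dns_options.split():
        name, _, value = opt.partition("=")
        if name.lower() in ("edns", "edns0"):     # assumption: case-insensitive
            size = int(value) if value else 1240  # bare 'edns': conservative default
    return size

def build_query(qname, qtype, payload_size, msg_id=0x1234):
    """Build a DNS query, adding an EDNS0 OPT pseudo-RR for sizes above 512."""
    use_edns = payload_size > 512                 # assumption, see lead-in
    labels = qname.rstrip(".").split(".")         # ignore a trailing dot
    header = struct.pack("!HHHHHH", msg_id, 0x0100, 1, 0, 0, int(use_edns))
    question = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    question += b"\x00" + struct.pack("!HH", qtype, 1)   # QTYPE, QCLASS=IN
    opt = b""
    if use_edns:
        # OPT RR: root name, TYPE=41, CLASS carries the payload size,
        # TTL (extended RCODE and flags) = 0, RDLENGTH = 0
        opt = b"\x00" + struct.pack("!HHIH", 41, payload_size, 0, 0)
    return header + question + opt

def check_reply(packet):
    """Flag the two conditions the commit mentions: truncation, empty question."""
    if len(packet) < 12:
        raise ValueError("DNS reply shorter than the 12-byte header")
    _id, flags, qdcount, ancount, _ns, _ar = struct.unpack("!HHHHHH", packet[:12])
    return {
        "truncated": bool(flags & 0x0200),        # TC bit (RFC 1035)
        "empty_question": qdcount == 0,
        "answers": ancount,
    }

# Constructed sample: header of a reply with QR, TC, RD and RA set, one question.
CONSTRUCTED_TRUNCATED_REPLY = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0)

if __name__ == "__main__":
    for opts in ("", "edns", "edns=4096"):
        size = edns_payload_size(opts)
        print(repr(opts), size, len(build_query("example.com.", 16, size)))
    print(check_reply(CONSTRUCTED_TRUNCATED_REPLY))
```

A reply with the TC bit set at a 512-byte limit is the symptom that raising the value, for example to edns=4096 with a local recursive server, is meant to avoid.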