On Mon, Feb 19, 2007 at 07:56:36PM +0800, Edward Lewis <[EMAIL PROTECTED]> wrote a message of 69 lines which said:
> >Another desirable default resolver configuration would be to refuse
> >recursive queries from non-local addresses.
>
> How? What's local? What's not local? Do you want to see the name
> server be required to also speak the local routing protocols to
> determine what's inside and what's outside?

While I agree with most of what you said (we should not treat the RFC 1918 addresses in a special way because they are not special), here, I find that you exaggerate: many programs test what is local or not by checking if the client is on a directly-connected network. (And, of course, the sysadmin can override it.) It handles most of the cases. So, using "local" to mean "LAN" is not too bad. Postfix works that way (by default, it relays only for local addresses) and everyone seems happy. The source code in ./src/util/inet_addr_local.c is fun to read, with all the comments on portability.
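The directly-connected-network test described in the message above, sketched as an added example; it is not part of the original message and is not Postfix's or any resolver's own code. The function names, the interface list and all addresses are constructed for illustration, and a real server would read the interface list from the operating system.

```python
import ipaddress

# Constructed sample: address/prefix pairs configured on this host's interfaces.
SAMPLE_INTERFACES = ["192.0.2.10/24", "2001:db8:1::53/64", "127.0.0.1/8", "::1/128"]


def connected_networks(interface_addrs):
    """Derive the directly-connected networks from interface address/prefix pairs."""
    return [ipaddress.ip_interface(a).network for a in interface_addrs]


def normalize(client):
    """Parse a client address; unwrap IPv4-mapped IPv6 (seen on dual-stack sockets)."""
    addr = ipaddress.ip_address(client)
    if addr.version == 6 and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped
    return addr


def allow_recursion(client, interface_addrs, override=None):
    """Return True if a recursive query from `client` should be answered.

    Default policy: the client must sit on a directly-connected network.
    `override` is the sysadmin's explicit network list; when given (even if
    empty) it replaces the automatically derived list entirely.
    """
    if override is not None:
        nets = [ipaddress.ip_network(n) for n in override]
    else:
        nets = connected_networks(interface_addrs)
    addr = normalize(client)
    return any(addr.version == net.version and addr in net for net in nets)


if __name__ == "__main__":
    # 10.1.2.3 is an RFC 1918 address but not on a connected network, so it is
    # refused like any other remote client: private space gets no special case.
    for client in ["192.0.2.77", "::ffff:192.0.2.77", "2001:db8:1::abcd",
                   "10.1.2.3", "198.51.100.7", "2001:db8:2::1"]:
        verdict = "recurse" if allow_recursion(client, SAMPLE_INTERFACES) else "refuse"
        print(f"{client:22} {verdict}")
```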
