Elliot F wrote:
> Exactly why I said tinydns. DNS would have a much lower overhead than LDAP, and
> much cleaner caching methods (than LDAP.) How is it a gross violation of DNS?

For the same reason people object to SPF: it would inevitably involve
changing the meaning of an existing record type. DNS != a distributed
database, in particular because you are relying on other people's
infrastructure to implement *your* system. By this I mean that to look
up jpeacock.rowman.com.email.rowman.com, you hit the root servers, then
the .COM servers for no good reason.[1]

In reality, my vpopfinger is very efficient in that the total network
traffic is less than a single TCP/IP packet each way - len(email
address) out and < 200 bytes back. There is no reason to cache this
information since most environments won't have the same address
receiving e-mail more than a couple of times per minute.

> It would depend entirely on the implementation. It could be done very cleanly,
> assuming you don't try to get too fancy with it (storing AUTH information, for
> example.)

Oh, you mean like DNSSEC???

John

1) Unless of course, you have already configured dnscache to directly
query your tinydns instance for all of the domains you are authoritative
for, thus preventing needless queries.