Deprecation notice force BIND 9.20+: source port(s)

Hi, in line with out deprecation policy, I am notifying the mailing list about our preliminary intent to deprecate the definition of the source ports and rely on the operating system to provide reasonable ephemeral port range for outgoing UDP and TCP connections. Specifying outgoing ports is a

Re: managed-keys vs trust-anchors

On Wed, Jan 04, 2023 at 03:25:10PM -0500, Bob McDonald wrote: > Thanks Evan and Ondrej. I'll let the folks at FreeBSD know also. Their > bind packages still include that file. The file itself is harmless. But we used to say it was best practice to check for updates at the ISC website before

Re: managed-keys vs trust-anchors

Thanks Evan and Ondrej. I'll let the folks at FreeBSD know also. Their bind packages still include that file. Bob On Wed, Jan 4, 2023, 14:59 Evan Hunt wrote: > On Mon, Jan 02, 2023 at 07:33:46AM -0500, Bob McDonald wrote: > > I've upgraded to bind 9.16.36. > > > > I went to the ISC site and

Re: managed-keys vs trust-anchors

On Mon, Jan 02, 2023 at 07:33:46AM -0500, Bob McDonald wrote: > I've upgraded to bind 9.16.36. > > I went to the ISC site and picked up the bind.keys file. > > However, it is intended for use in bind 9.11 and contains the managed-keys > clause. This throws an error in the syslog messages during

Re: Email migration and MX records

Bruce Johnson via bind-users wrote:- >We’re making an O365 tenant switchover for our domain (a subdomain of the >arizona.edu domain) and moving from our Barracuda cloud email SMTP to the >University’s tenant, but email cannot flow until the Arizona.edu O365 tenant >can take over our email

RE: Email migration and MX records

Bruce, I would push back and ask for more information from whomever is leading you down that path as it does not sound right to me although others more familiar with DNS magic might have better suggestions to DNS changes. But if Barracuda is just a front-end for email that does antivirus/spam

Re: Email migration and MX records

SMTP is a wonderful protocol that queues messages and retries delivery for 5 days so a non-responsive email server is no issue. Just do not have a temporary solution that bounces emails since those will never arrive (the sender is notified about the bounce). Marcus On 03/01/2023 21:31, Bruce

Re: Views vs Separate Authoritative & Recursive DNS

Hi E R. My short answer would be, don't configure views unless you have a good use case for them. For example you are running resolvers that have two different kinds of clients that need to be handled differently - one client set needs RPZ, the other doesn't. Or something like that. BIND has