Am 15.09.2014 um 15:58 schrieb Kevin Chadwick:
On Mon, 15 Sep 2014 12:59:46 +0200
Marco Prause wrote:
Does anyone already met some familiar issue and maybe have some
workarounds ? Or can anyone verify / falsify my libc-theory ?
I'd look into whether you still have an issue whilst using TCP for the
requests?
Well, I gave options edns0 tcp in resolv.conf a short try, but with
the same result in the maillog: non DNSSEC destination for i.e. ietf.org.
Concerning a DO-Bit I could only find a hint in the bind-sources, like
i.e. /usr.sbin/bind/bin/named/query.c but nothing equivalent in
./libc/net/res_query.c or ./lib/libc/net/res_mkquery.c
At the moment I have no idea to reproduce the postfix query manually
through the libc-calls.
While sniffing on the outside interface I can see, that queries that go
through libc-stub-resolver don't have the DO bit set anymore.
Regards,
Marco