Re: abha ahuja
On Oct 20, 2012, at 3:41 PM, Randy Bush wrote: abha ahuja died this day in 2001. wonderful person, good netizen, good researcher. sigh. Yes. She is missed.
Re: Please, talk me down.
On Wed, Oct 17, 2012 at 09:45:09PM -0500, Jimmy Hess wrote: On 10/16/12, Randy Bush ra...@psg.com wrote: First off, I'm using djbdns internally and it doesn't support records. So we really aren't using it internally. if the clutch in my car is broken, should i stop using vehicles? dump djbdns or get some diehard to tell you how to fix it. Ah, but the clutch is not actually broken; it works perfectly, and it is a very robust clutch, not likely to break, it's just that the car was designed, so you need a wrench with you while at all times while driving, to actuate the clutch, and you need a screwdriver onhand as well to adjust gears.They have a raw record format, that allows you to enter a raw record into your tinydns data file, containing anything, including data. However, djbdns also lacks support for DNSSEC validation. the stock package 1.05, when installed on a 64-bit OS, contained an unpatched security vulnerability. If Joseph really likes to use the TinyDNS database so much there is an experimental PowerDNS backend of supposedly there is even an even more DNSSEC-patch somewhere. I can't find the patch right now, but it was mentioned in a presentation by the head developer at ICANN44: http://prague44.icann.org/node/31749 Here it the audio recording: http://audio.icann.org/meetings/prague2012/dnssec-workshop-27jun12-en.mp3 (135 MB) His presentation starts at: 3:32:18 He mentions it at: 3:46:53 And the PDF of his presentation is here: http://prague44.icann.org/meetings/prague2012/presentation-dnssec-power-dns-27jun12-en.pdf I don't expect anyone is using patch in production right now. The car was also designed with no electric ignition switch, and no headlights. You want to start your car, you need a manual crank. It's good enough; but probably the time comes soon to retire it. Electronic ignitions and headlights became the 'standard' a long time ago, but the car design was never improved to include the features (not necessarily an easy feat) --meanwhile,the person in charge of maintaining the design; spent many hours writing essays about the problem of light pollution caused by headlights, insisting that road lights instead would be better,and calling up issues about the extra weight and space required for batteries, danger of batteries leaking, or failing, leaving motorists stranded, etc, thus spending time not updating the design to incorporate beneficial, new standards. randy -- -JH Have a nice day, Leen.
Re: Please, talk me down.
On 18/10/2012, at 7:44 AM, Nicolai nicolai-na...@chocolatine.org wrote: On Wed, Oct 17, 2012 at 03:35:11AM +, Joseph Anthony Pasquale Holsten wrote: First off, I'm using djbdns internally and it doesn't support records. So we really aren't using it internally. I assume you mean stock djbdns doesn't support ip6, because it doesindeed support records. I use both dnscache and tinydns from djbdns and records work fine for me. Note: I'm not using Felix von Leitner's ip6 patch. $ dig chocolatine.org +short 2610:130:103:e00:201:2ff:fe45:8308 Resolver is dnscache, authoritate server is tinydns. No problem. I think the problem you're experiencing, if there is one, is not related to either djbdns or ip6. Nicolai
Re: Please, talk me down.
Apologies for the empty reply, mobile typo machine at work :( On 18/10/2012, at 7:44 AM, Nicolai nicolai-na...@chocolatine.org wrote: On Wed, Oct 17, 2012 at 03:35:11AM +, Joseph Anthony Pasquale Holsten wrote: First off, I'm using djbdns internally and it doesn't support records. So we really aren't using it internally. I assume you mean stock djbdns doesn't support ip6, because it does indeed support records. Actually, it doesn't, as you so kindly pointed out. It does WITH a patch. I use both dnscache and tinydns from djbdns and records work fine for me. Note: I'm not using Felix von Leitner's ip6 patch. Thanks for pointing that out, finally. $ dig chocolatine.org +short 2610:130:103:e00:201:2ff:fe45:8308 Resolver is dnscache, authoritate server is tinydns. No problem. I think the problem you're experiencing, if there is one, is not related to either djbdns or ip6. For real? Go figure. Nicolai
Re: abha ahuja
Very sad indeed. She contributed much to the net and Merit. On Oct 20, 2012, at 6:41 PM, Randy Bush wrote: abha ahuja died this day in 2001. wonderful person, good netizen, good researcher. sigh.
Re: Please, talk me down.
On Sun, Oct 21, 2012 at 10:09:24PM +1100, Jay Mitchell wrote: On 18/10/2012, at 7:44 AM, Nicolai nicolai-na...@chocolatine.org wrote: I assume you mean stock djbdns doesn't support ip6, because it does indeed support records. Actually, it doesn't, as you so kindly pointed out. It does WITH a patch. No. djbdns 1.05 supports records as anyone can verify. To make sure myself I just downloaded stock djbdns from the cr.yp.to website, installed, and ran some queries. Works as it always has. $ dig he.net +short 2001:470:0:76::2 That's an unpatched, stock dnscache. John Levine already described in this thread how tinydns supports records, so there's no point going over it again. I only responded to this thread to correct misinformation. sigh As an aside, you may want to fix your DNS, as some mail receivers don't like this: $ dig -x 72.249.91.101 +short static.serversandhosting.com. $ dig a static.serversandhosting.com +short 72.249.3.27 Nicolai
RE: Please, talk me down.
As an aside, you may want to fix your DNS, as some mail receivers don't like this: $ dig -x 72.249.91.101 +short static.serversandhosting.com. $ dig a static.serversandhosting.com +short 72.249.3.27 What is really meant to be said is that MTA's which require RFC compliance won't talk to you. Running an MTA which requires minimal RFC compliance (particularly in respect of DNS configuration) eliminates 98% of spam. --- () ascii ribbon campaign against html e-mail /\ www.asciiribbon.org
Re: Please, talk me down.
On Mon, Oct 22, 2012 at 9:19 AM, Keith Medcalf kmedc...@dessus.com wrote: What is really meant to be said is that MTA's which require RFC compliance won't talk to you. Running an MTA which requires minimal RFC compliance (particularly in respect of DNS configuration) eliminates 98% of spam. I wish it were that easy. -- Suresh Ramasubramanian (ops.li...@gmail.com)
Re: Please, talk me down.
In message 83452cbbe5c3c5439212c8a56346b...@mail.dessus.com, Keith Medcalf writes: As an aside, you may want to fix your DNS, as some mail receivers don't like this: $ dig -x 72.249.91.101 +short static.serversandhosting.com. $ dig a static.serversandhosting.com +short 72.249.3.27 What is really meant to be said is that MTA's which require RFC compliance = won't talk to you. Running an MTA which requires minimal RFC compliance (p= articularly in respect of DNS configuration) eliminates 98% of spam. Standards track RFC compliance REQUIRES that you ACCEPT email from that box. There is no standards track RFC that requires that PTR records exist. There is no standards track RFC that requires that PTR and address records are consistent. It is however good practice that these exist and are consistent. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org
