-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Ehren,
On 03/22/2013 05:10 PM, Ehren Hawks wrote: > Wouter, > > Thank you for taking the time to review my issue. One more > question, is this a patchable fix and or something that will be > available in future releases of Unbound? This is available in future release of Unbound. You can get a patch, with svn diff http://unbound.net/svn/trunk/iterator -r2867:2868 > file and cd src/iterator ; patch -p0 < file. Best regards, Wouter > -----Original Message----- From: [email protected] > [mailto:[email protected]] On Behalf Of > [email protected] Sent: Friday, March 22, 2013 5:52 > AM To: [email protected] Subject: Unbound-users Digest, Vol > 64, Issue 15 > > Message: 1 Date: Thu, 21 Mar 2013 16:01:36 -0400 From: "Ehren > Hawks" <[email protected]> To: <[email protected]> > Subject: [Unbound-users] Private-address SERVFAIL Message-ID: > <[email protected]> Content-Type: > text/plain; charset="us-ascii" > > Today I had to disable private address stripping of 10.0.0.0/8 > because it was leading to SERVFAILS when looking up > echannel.stateauto.com > > > > I'm running Unbound 1.4.16 on Centos 6.2 > > > > Name : unbound > > Arch : x86_64 > > Version : 1.4.16 > > Release : 1.el6 > > > > The following dig shows the presence of private addresses in the > additional section. I thought by default Unbound would strip these > addresses when using the respective private addresss: option in the > config, but it appears to be leading to lookup failures. I haven't > a clue what else I should look at, if I should modify my config or > what. Thanks for guidance. > > > > > > [CDNS1]# dig @174.47.194.100 echannel.stateauto.com > > > > ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> @174.47.194.100 > echannel.stateauto.com > > ; (1 server found) > > ;; global options: +cmd > > ;; Got answer: > > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50513 > > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: 5 > > ;; WARNING: recursion requested but not available > > > > ;; QUESTION SECTION: > > ;echannel.stateauto.com. IN A > > > > ;; AUTHORITY SECTION: > > echannel.stateauto.com. 3600 IN NS > dc1gss.stateauto.com. > > echannel.stateauto.com. 3600 IN NS > colgss.stateauto.com. > > echannel.stateauto.com. 3600 IN NS > irogss.stateauto.com. > > > > ;; ADDITIONAL SECTION: > > dc1gss.stateauto.com. 3600 IN A 10.30.252.102 > > dc1gss.stateauto.com. 3600 IN A 174.47.194.102 > > colgss.stateauto.com. 3600 IN A 66.192.197.102 > > colgss.stateauto.com. 3600 IN A 10.25.252.102 > > irogss.stateauto.com. 3600 IN A 63.86.19.102 > > > > ;; Query time: 26 msec > > ;; SERVER: 174.47.194.100#53(174.47.194.100) > > ;; WHEN: Thu Mar 21 15:44:22 2013 > > ;; MSG SIZE rcvd: 205 > > -------------- next part -------------- An HTML attachment was > scrubbed... URL: > <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20130321/9 > > 02d31f9/attachment-0001.html> > > ------------------------------ > > Message: 2 Date: Thu, 21 Mar 2013 13:19:43 -0700 From: Bry8 Star > <[email protected]> To: [email protected] Subject: Re: > [Unbound-users] Reply Email Going To User Instead of Mailing-List, > Pls Fix Message-ID: <[email protected]> Content-Type: > text/plain; charset="iso-8859-1" > > Hi Paul, Miek Gieben, I sent similar emails to others (not only to > you), to show/demonstrate, when someone subscribing to a > mailing-list, then he/she expect emails coming via/from the > mailing-list, not from a person directly. > > It is not right to send email directly to a user or few users > only. Initial posting and other posting are intended to be shared > with ALL subscribers. > > i also have close to 200 or over mailing-list subscription, let me > REPEAT, NONE are like this nlnetlab mailing-list. > > every other mailing-list ... when "Reply" button is pressed on any > posting, then Thunderbird opens new email and places the > mailing-list email address in the "To:" field, (except nlnetlabs.nl > list). > > That is what i'm expecting. > > I DO NOT WANT ANY PERSON/USER TO SEND ME EMAIL DIRECTLY. I > SUBSCRIBED to MAILING-LIST EMAIL-ADDRESS ONLY, NOT to a person's > email. > > That's what i wanted all to understand. > > If you cannot do that, then you should also place a notice in > subscription page that other users will start to email you > directly, when you subscribe. > > AND WHEN YOU REPLY ... MAKE SURE YOU HAVE PLACED ONLY ONE EMAIL > ADDRESS [email protected] IN THE "To:" FIELD, NO NEED TO > FILL "Cc:" or "Bcc:", REMOVE "Cc:" & "Bcc:". THANK YOU. > > -- Bright Star. > > > > Received from Paul Wouters, on 2013-03-21 12:31 PM: >> On Thu, 21 Mar 2013, Bry8 Star wrote: >> >> Please get a life. You'ev now been kill filed in my procmailrc, >> so if you ever want to ask unbound questions again, I guess I >> won't hear them. >> >> Paul >> >>> Hi Paul Wouters, i'm including your sent email's HEADERS, >>> except the "X-YMailISG:" header. >>> >>> Why are you sending email to me ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! >>> ! ! ! ! ! ! ! ! ! ! ! ! ! ! >>> >>> PLEASE DO NOT SEND EMAIL TO ME. >>> >>> SEND IT TO MAILING-LIST ONLY. >>> >>> I HAVE APPROVED/ALLOWED ONLY MAILING-LIST TO SEND ME EMAIL. >>> >>> NOT ANYBODY ELSE. -- Bright Star. >>> >>> X-Apparently-To: [email protected] via 98.139.211.135; Thu, 21 >>> Mar 2013 18:35:08 +0000 Return-Path: <[email protected]> >>> Received-SPF: none (domain of nohats.ca does not designate >>> permitted sender hosts) X-YMailISG: ... X-Originating-IP: >>> [193.110.157.68] Authentication-Results: >>> mta1164.mail.ne1.yahoo.com from=nohats.ca; domainkeys=neutral >>> (no sig); from=nohats.ca; dkim=neutral (no sig) Received: from >>> 127.0.0.1 (EHLO mx.nohats.ca) (193.110.157.68) by >>> mta1164.mail.ne1.yahoo.com with SMTP; Thu, 21 Mar 2013 >>> 18:35:04 +0000 Received: from localhost (localhost [IPv6:::1]) >>> by mx.nohats.ca (Postfix) with ESMTP id 3ZWxW9087Tz9YX; Thu, 21 >>> Mar 2013 14:35:01 -0400 (EDT) X-Virus-Scanned: amavisd-new at >>> mx.nohats.ca Received: from mx.nohats.ca ([IPv6:::1]) by >>> localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) >>> with ESMTP id oDE92QPQbn1B; Thu, 21 Mar 2013 14:34:59 -0400 >>> (EDT) Received: from bofh.nohats.ca (bofh.nohats.ca >>> [76.10.157.69]) by mx.nohats.ca (Postfix) with ESMTP; Thu, 21 >>> Mar 2013 14:34:59 -0400 (EDT) Received: by bofh.nohats.ca >>> (Postfix, from userid 500) id 2467C80BC4; Thu, 21 Mar 2013 >>> 14:35:00 -0400 (EDT) Received: from localhost (localhost >>> [127.0.0.1]) by bofh.nohats.ca (Postfix) with ESMTP id >>> 17A3780862; Thu, 21 Mar 2013 14:35:00 -0400 (EDT) Date: Thu, 21 >>> Mar 2013 14:35:00 -0400 (EDT) From: Paul Wouters >>> <[email protected]> To: Joe Abley <[email protected]> cc: >>> [email protected] Subject: Re: [Unbound-users] Reply Email >>> Going To User Instead of Mailing-List, Pls Fix In-Reply-To: >>> <[email protected]> Message-ID: >>> <[email protected]> >>> References: <[email protected]> >>> <[email protected]> >>> <cagwp77p8bec0ov+m8vgdzet+xg957z5yc9kwzcbu01zpzgr...@mail.gmail.com> >>> >>> <[email protected]> >>> <[email protected]> User-Agent: >>> Alpine 2.10 (LFD 1266 2009-07-14) MIME-Version: 1.0 >>> Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed >>> Content-Length: 227 >>> >>> >>> >>> >>> Received from Paul Wouters, on 2013-03-21 11:35 AM: >>>> On Thu, 21 Mar 2013, Joe Abley wrote: >>>> >>>>> Subject: Re: [Unbound-users] Reply Email Going To User >>>>> Instead of Mailing-List, Pls Fix >>>> >>>> Baby... bath water.... >>>> >>>> Take it off list? I've gone through enough of these >>>> "discussions". >>>> >>>> Paul >>> >>> > > -------------- next part -------------- A non-text attachment was > scrubbed... Name: signature.asc Type: application/pgp-signature > Size: 260 bytes Desc: OpenPGP digital signature URL: > <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20130321/3 > > 3d752b5/attachment-0001.sig> > > ------------------------------ > > Message: 3 Date: Thu, 21 Mar 2013 21:40:32 +0100 From: Miek Gieben > <[email protected]> To: [email protected] Subject: Re: > [Unbound-users] Reply Email Going To User Instead of Mailing-List, > Pls Fix Message-ID: <[email protected]> Content-Type: > text/plain; charset="us-ascii" > > [ Quoting <[email protected]> in "Re: [Unbound-users] Reply Email > Goi..." ] >> Hi Paul, Miek Gieben, I sent similar emails to others (not only >> to you), to show/demonstrate, when someone subscribing to a >> mailing-list, then he/she expect emails coming via/from the >> mailing-list, not from a person directly. > > As Paul said: kill-file > > Good bye, thanks -------------- next part -------------- A non-text > attachment was scrubbed... Name: signature.asc Type: > application/pgp-signature Size: 198 bytes Desc: Digital signature > URL: > <https://unbound.nlnetlabs.nl/pipermail/unbound-users/attachments/20130321/a > > 3581fd4/attachment-0001.sig> > > ------------------------------ > > Message: 4 Date: Thu, 21 Mar 2013 21:58:26 +0100 From: Jaap > Akkerhuis <[email protected]> To: [email protected] Cc: > [email protected] Subject: Re: [Unbound-users] Reply Email > Going To User Instead of Mailing-List, Pls Fix Message-ID: > <[email protected]> > > > Please, stop sending off-topic messages to this list. > > If you really don't like the way the mailing list is run, you can > always unsubscribe. > > jaap > > > ------------------------------ > > Message: 5 Date: Thu, 21 Mar 2013 20:18:36 -0700 From: David > Benfell <[email protected]> To: [email protected] > Subject: Re: [Unbound-users] Reply Email Going To User Instead of > Mailing-List, Pls Fix Message-ID: > <[email protected]> Content-Type: text/plain; > charset=ISO-8859-1 > > On 03/21/2013 01:19 PM, Bry8 Star wrote: >> Hi Paul, Miek Gieben, I sent similar emails to others (not only >> to you), to show/demonstrate, when someone subscribing to a >> mailing-list, then he/she expect emails coming via/from the >> mailing-list, not from a person directly. > > You are seeking to enforce what is, for all practical purposes, a > Reply-To policy. In open source software lists, there are many who > consider Reply-To evil. > > I happen not to agree with that evaluation, but from what I've > seen, it has majority acquiescence, if not support. > > My advice has to be, give it up. You are not going to win this > battle. > > What you will do instead is end up being banned. Which means you > lose. > > End of story. > > > ------------------------------ > > Message: 6 Date: Fri, 22 Mar 2013 10:52:05 +0100 From: "W.C.A. > Wijngaards" <[email protected]> To: [email protected] > Subject: Re: [Unbound-users] Private-address SERVFAIL Message-ID: > <[email protected]> Content-Type: text/plain; > charset=ISO-8859-1 > > -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > > Hi Ehren, > > On 03/21/2013 09:01 PM, Ehren Hawks wrote: >> Today I had to disable private address stripping of 10.0.0.0/8 >> because it was leading to SERVFAILS when looking up >> echannel.stateauto.com > > Thank you for the bug report, this is a bug in the private address > code where it removes the entire RRset. It is fixed to remove the > RR (and the RRset if it becomes empty (and thus also removes its > RRSIGs (if any)). > > That fixes the lookup for this domain name. It leaves the > publicly accessible addresses intact, and the domain then > resolves. > >> >> I?m running Unbound 1.4.16 on Centos 6.2 >> >> >> >> Name : unbound >> >> Arch : x86_64 >> >> Version : 1.4.16 >> >> Release : 1.el6 >> >> >> >> The following dig shows the presence of private addresses in the >> additional section. I thought by default Unbound would strip >> these addresses when using the respective private addresss: >> option in the config, but it appears to be leading to lookup >> failures. I haven?t a clue what else I should look at, if I >> should modify my config or what. Thanks for guidance. > > Another interesting thing is that this domain seems to discard > incoming queries with the ADflag. Which is turned on by default in > dig 9.9. dig +noad works fine. > > Best regards, Wouter > > >> >> [CDNS1]# dig @174.47.194.100 echannel.stateauto.com >> >> >> >> ; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> >> @174.47.194.100 echannel.stateauto.com >> >> ; (1 server found) >> >> ;; global options: +cmd >> >> ;; Got answer: >> >> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50513 >> >> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 3, ADDITIONAL: >> 5 >> >> ;; WARNING: recursion requested but not available >> >> >> >> ;; QUESTION SECTION: >> >> ;echannel.stateauto.com. IN A >> >> >> >> ;; AUTHORITY SECTION: >> >> echannel.stateauto.com. 3600 IN NS dc1gss.stateauto.com. >> >> echannel.stateauto.com. 3600 IN NS colgss.stateauto.com. >> >> echannel.stateauto.com. 3600 IN NS irogss.stateauto.com. >> >> >> >> ;; ADDITIONAL SECTION: >> >> dc1gss.stateauto.com. 3600 IN A 10.30.252.102 >> >> dc1gss.stateauto.com. 3600 IN A 174.47.194.102 >> >> colgss.stateauto.com. 3600 IN A 66.192.197.102 >> >> colgss.stateauto.com. 3600 IN A 10.25.252.102 >> >> irogss.stateauto.com. 3600 IN A 63.86.19.102 >> >> >> >> ;; Query time: 26 msec >> >> ;; SERVER: 174.47.194.100#53(174.47.194.100) >> >> ;; WHEN: Thu Mar 21 15:44:22 2013 >> >> ;; MSG SIZE rcvd: 205 >> >> >> >> _______________________________________________ Unbound-users >> mailing list [email protected] >> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users >> > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBAgAGBQJRTCnFAAoJEJ9vHC1+BF+NRU0P/2k8UchYFkFoME5o4k7V871+ > 9cWvIYNo9wV9HND/WqVnIYr1R5oBvJkmV1wsIcjRt3ZQhg0Hrwjoxd+zNWfr00M5 > dnx+52p+tEc8lpEw7feEF134aKXej3VcXXHnsiHVB1IggkVOM4/cmQkLshBcUEHt > BtaqYQxO3StYdRHQRHoKNaxSXVRO2VCzyO090iK4zeh2jhNs3xpforSNqiR+jJt0 > T52n0F4QsoPQqvopLzRW+D5nBPIF+TrokYhJuAnIUW5nYRUlIvs8JwxJO9Vs7z1n > zuo0+eEPSL5qo43Y9TB1nap62oDfr44SyiniovfIIvW923Nsj4gsAYgMr7KuwvMU > zUviFqVKF9b6Vgs2xzPLHX8/nNT8SafgC5Xlsd0C2RpVgTdhlDMQ0V6EPa1R1x3g > PtLZzIt8HK86NSZDcjVv/qPeDX7qEmGrBUVvUGJ63vO++1+E2X+eS8xraNwTjix0 > wFOsYgCtmU/DZ7jNs5gfLmnN8stH7qzebk12LSRMZ5U45cADq80suy8OdKyqSYaK > X7dQM1/plweTvDBxO38bwysqwRdM3Aj3uLNNK6a71KyyrZm+7XhZSBG7lQeBUy8H > MrpnWQJC3k7Xkb0UD/w83O0CK65fWX4SYyfC431ZB1+IwUuis4af9d2lfJfdB2Ef > yna3+WLTtPmvmHHMKS1G =dFX5 -----END PGP SIGNATURE----- > > > ------------------------------ > > _______________________________________________ Unbound-users > mailing list [email protected] > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users > > End of Unbound-users Digest, Vol 64, Issue 15 > ********************************************* > > _______________________________________________ Unbound-users > mailing list [email protected] > http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJRUAZXAAoJEJ9vHC1+BF+NrDkQAJNNdugq1q8bz+TYODX1GNii 9Pvtz5JoQZdDiULR1zRBQvu6ZIZtPatalUJCdnGrU6RCmxRb4T7b4VTjoXCeGRbE KZ/XcW98vESx1wWkgBfofjckiXDmCGaSMp//v4JyFhbowEnkYnGmTU8aCit7Nnd+ DGCUMxdQn0cJGbIVs/jkcCh0hMIzphYtzkFv2v6o60ViMjIq8RZqXV7/+lXk0bMY Ng2GhxF5N+MXIpYy4AsjKJu6euUiFr8fAsFoG/p2fdpqiH5RZo6XgFdqDsgL85jW jpYRrO5eoznIFtf0en/NHd81VHGi2PmsykP++25rxJ9kFu4PuKW3zSFL7amNyl2i zeUEr6BTjaE60zBynJOZver55LI7ErjmSvVOhTu4PvlN2LBvcDVYZfqjDf5ByKba zMX0pgYjv66YOso6J531Jt+SAhdTeTje/E3q7s33PP8nlwla/g0KxrRFV/uKThRi jN6w5vZS6kkhgqWdApFZXKaZrtervGzEZZDeaqChBZk762GklZAqg4yF0GGJU2N2 AeQbpdrBj3RudTkrYiAZOdidUjjx4MODZbM02H8Nd0PW+a4uSNDAZgn4AytIxcbB LjH4kaDWvTvbuvS6Aa1xArkvKpCiUJavDVTPtz2PGSe2b/eyHMirjoadJYRBust5 tAv4lvDJzemjBNG21I/A =IF9r -----END PGP SIGNATURE----- _______________________________________________ Unbound-users mailing list [email protected] http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
