On Wed, Mar 26, 2008 at 06:42:57PM +0100, Martin Ebnoether wrote:
On the Wed, Mar 26, 2008 at 02:42:36PM +0100, Tonnerre Lombard blubbered:
...
It is also a DNS issue, depending on the number of results returned; the size of a DNS/UDP response is limited to 1 UDP packet, which again is limited in size. Not everyone uses DNS over TCP, and it is unlikely to be adapted just because of such a stupid and useless SPAM filtering measure.
While Xari's setup with tons of PTR records is plain stupid. Xari, you should have a read about MX records. =:-)
But DNS uses UDP and TCP as I just checked. RFC 1035, Chapter 4.2 says: "The Internet supports name server access using TCP [RFC-793] on server port 53 (decimal) as well as datagram access using UDP [RFC-768] on UDP port 53 (decimal)."
Until recently only AXFR was using TCP; normally resolver queries had to be UDP. This rule was a bit relaxed because of the increased space needed for IPv6, but many authoritative DNS servers will only listen to UDP port 53 requests.
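The size limit discussed in this thread, as an added example that is not part of the original messages: the sketch builds a PTR response in RFC 1035 wire format and sets the TC (truncated) bit once the next record would push the message past the 512-byte UDP limit of RFC 1035 section 4.2.1. The query name, host names, TTL and message ID are constructed sample values, EDNS0 is not modelled, and dropping the records that do not fit is a simplification of what real servers do.

```python
import struct

UDP_LIMIT = 512              # RFC 1035 section 4.2.1: maximum DNS message size over UDP
TYPE_PTR, CLASS_IN = 12, 1
QR, AA, TC = 0x8000, 0x0400, 0x0200   # header flag bits

def encode_name(name):
    """Encode a domain name as length-prefixed labels, without compression."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_ptr_response(qname, targets, limit=UDP_LIMIT):
    """Return (message, truncated); records that do not fit are dropped and TC is set."""
    question = encode_name(qname) + struct.pack("!HH", TYPE_PTR, CLASS_IN)
    size = 12 + len(question)            # 12-byte header plus question section
    answers, truncated = [], False
    for target in targets:
        rdata = encode_name(target)
        # Owner name is a compression pointer (0xC00C) to the question name at offset 12.
        rr = b"\xc0\x0c" + struct.pack("!HHIH", TYPE_PTR, CLASS_IN, 3600, len(rdata)) + rdata
        if size + len(rr) > limit:
            truncated = True
            break
        answers.append(rr)
        size += len(rr)
    flags = QR | AA | (TC if truncated else 0)
    header = struct.pack("!HHHHHH", 0x1234, flags, 1, len(answers), 0, 0)
    return header + question + b"".join(answers), truncated

def header_fields(message):
    """Decode the header fields a resolver checks before deciding to retry over TCP."""
    _id, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    return {"tc": bool(flags & TC), "ancount": ancount, "size": len(message)}

# Constructed sample data: one address with 40 PTR records.
QNAME = "10.2.0.192.in-addr.arpa"
TARGETS = ["host%03d.example.com" % i for i in range(40)]

if __name__ == "__main__":
    msg, _ = build_ptr_response(QNAME, TARGETS)
    print(header_fields(msg))
```

A resolver that sees TC set has to repeat the query over TCP to get the full record set, which fails against a server that only answers on UDP port 53.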