[dns-wg] DNSSEC breaks qmail
Lutz Donnerhacke lutz at iks-jena.de
Fri Feb 17 22:40:36 CET 2006
* Henning Brauer wrote: > no, since qmail reimplements the resolver parts (don't make me comment > on that) Even worse. The native qmail does use the resolver vom the libc, but only provides a buffer of 512 bytes. After the request qmail ignores the API result code and parses the buffer. If qmail runs in a bind enviroment, it finds some usable records and continues. If qmail runs with djbdns, the resolver does not fills the buffer at all (correct, too). Qmail does not find any record in the response and concludes, that it must be a temporary cname problem. You refer to a version with an applied patch: Partial reimplemenation od tinydns into qmail. There seems to be another patch out there, which allows TCP for DNS.
[ dns-wg Archives ]