Hi Guys, is there a plan to release this in one of the experimental releases? I am ok with providing some help if needed. I don't want to be annoying, I just don't want this to be forgotten.
On Tue, Oct 11, 2022 at 5:58 PM Viktor Dukhovni <vik...@dukhovni.org> wrote: > > On Tue, Oct 11, 2022 at 11:46:09AM -0400, Wietse Venema wrote: > > > > And of course we can always rely on Microsoft's > > > "mail.protection.outlook.com" > > > nameservers to exhibit suboptimal behaviour. Probing for SRV records > > > there (though unlikely to happen in practice) yields an unexpected > > > NOTIMP, and SERVFAIL from recursive resolvers: > > > > See, I was justified in my reluctance to do opportunistic SRV lookups > > by default. Thanks for doing my homework. > > > > > Such issues are otherwise rare, but the proof of concept does point out > > > that brokenness is possible. > > > > I'm a tad surprised, because MS seems to a prominent user of this. > > My example is artificial, the autoconfig suffixes are recipient domains, > not MX host domains, so autoconfig lookups for "mail.protection.outlook.com" > wouldn't normally happen, that's where the customer MX host names live, > but it is not itself a recipient domain. > > DNS for "mail.protection.outlook.com" is handled by particularly > retarded loabalancers, which don't do EDNS(0), barely handle A/AAAA > lookups and return NOTIMP in response to queries for most other record > types... > > -- > Viktor. >