Le 22/04/2014 18:55, Scott Kitterman a écrit : > On Tuesday, April 22, 2014 18:36:08 Erwan David wrote: >> Le 22/04/2014 18:29, Tim Smith a écrit : >>> Just trying to get my head round the error and understand what is >>> actually happening. >>> >>> So to summarize, the delivery.mailspampropection.com domain has 81 A >>> records which, when queried won't fit into a UDP packet which explains >>> why Postfix correctly says it can't resolve the hostname. >>> >>> Is there some kind of fix I can employ here for this particular >>> server? Would entries in the /etc/hosts file work? I assume that if I >>> have "multi on", I can put an entry in for each A record? >> In that case DNS should switch to TCP or use EDNS, both MUST be >> available in a modern installation, because DNS answers become larger >> with new features (IPv6 addresses, DNSSEC, etc.) > Yes, but all it takes is one firewall that blocks TCP port 53 and the TCP > fallback fails. Even on the modern internet you have to try to fit in a UDP > packet if you want reliable service. > > Scott K > No, that time is finished. Take a domain with just 2 MXes and an signed DNS
dig +dnssec MX rail.eu.org -> 1248 bytes