On 2020-09-30 at 11:08 +0200, Peter N. M. Hansteen via mailop wrote:
> Back in the day I suppose you could get a sort of working setup with
> UDP-only DNS, but this has me wondering, is there a quasi-rational
> historical reason for blocking 53/TCP?
I'd say that pretty much nothing broke back in
Am 30.09.2020 um 11:08 schrieb Peter N. M. Hansteen via mailop:
is there a quasi-rational historical reason for blocking 53/TCP?
see https://tools.ietf.org/html/rfc7766#section-1 ...
Andreas
___
mailop mailing list
mailop@mailop.org
https://list.mai
On 2020-09-30 10:25, Tim Bray via mailop wrote:
Blocking TCP a way to block zone transfers, but a rubbish one.
It may also be seen as a method by which to reduce the impact of DNS
amplification attacks. But also a poor one.
I'd suggest they probably just have a default deny policy and didn
On 30/09/2020 10:08, Peter N. M. Hansteen via mailop wrote:
Back in the day I suppose you could get a sort of working setup with
UDP-only DNS, but this has me wondering, is there a quasi-rational
historical reason for blocking 53/TCP? As in, was there at some point in
time a 'ping of death'-like
I came across a network that I need to communicate with where (not
unlike the one in
https://bsdly.blogspot.com/2018/02/a-life-lesson-in-mishandling-smtp.html)
they perform the checks for SPF, DKIM and so forth in the wrong places
in addition to on ingress.
Studying the headers at the receiving en