Article: 1844
From: Michael Grant
Date: 2008-03-15 07:08:07 -0400
Subject: milter-spiff returning DNS UDP response truncated, TCP support not implemented

Since updating to libsnert 1.66 yesterday, I'm now seeing quite a few
of these in my log file:

Milter: to=<user@example.com>, reject=451 4.4.3 sender
<someone@accenture.com> via SPF result TempError: DNS
UDP response truncated, TCP support not implemented

First, in looking in the code, I see that "TCP support not
implemented" means the snert lib does not implement it.  May I
suggest, to avoid confusion, changing this error to "TCP support not
implemented in libsnert (yet)" until it is implemented.

Second, I don't know why this domain is returning a truncate bit on
this DNS query.  If I do it by hand with dig, it works fine.

My understanding of DNS is that the UDP query could truncate if the
response is greater than 512 octets.  Is milter-spiff building a DNS
query that's sometimes returning data greater than this limit?

Incidentally, I tried to turn on DNS debugging in milter-spiff
(verbose=dns,debug) hoping to see the query it was building in Dns.c
line 255 but I don't see the DnsBuildQuery in the debug log.  I see
lots of other milter-spiff debug but not the query.

Michael Grant
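
The "UDP response truncated" condition from the log line above, shown at the wire level as an added example (not part of the original post and not libsnert code): a UDP reply with the TC bit set in its 12-octet header is a partial answer that a resolver is expected to repeat over TCP. All function names and the sample bytes are constructed for illustration, and EDNS0 is assumed not to be in use.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define DNS_HEADER_LEN 12   /* fixed header size, RFC 1035 section 4.1.1 */
#define DNS_UDP_MAX    512  /* UDP message limit when EDNS0 is not used (assumption) */

enum dns_action { DNS_USE_ANSWER, DNS_RETRY_TCP, DNS_DISCARD };

struct dns_header { uint16_t id; int qr, tc, rcode; uint16_t ancount; };

/* Decode the fixed header; returns 0 on success, -1 if the message is too short. */
int dns_parse_header(const unsigned char *msg, size_t len, struct dns_header *h)
{
    if (msg == NULL || h == NULL || len < DNS_HEADER_LEN)
        return -1;
    h->id      = (uint16_t)((msg[0] << 8) | msg[1]);
    h->qr      = (msg[2] >> 7) & 1;   /* 1 = response */
    h->tc      = (msg[2] >> 1) & 1;   /* TC: answer did not fit in the UDP reply */
    h->rcode   = msg[3] & 0x0F;
    h->ancount = (uint16_t)((msg[6] << 8) | msg[7]);
    return 0;
}

/* Decide what a resolver should do with a reply received over UDP. */
enum dns_action dns_udp_reply_action(const unsigned char *msg, size_t len,
                                     uint16_t query_id)
{
    struct dns_header h;
    if (len > DNS_UDP_MAX || dns_parse_header(msg, len, &h) != 0)
        return DNS_DISCARD;           /* oversized or malformed */
    if (!h.qr || h.id != query_id)
        return DNS_DISCARD;           /* not a reply to our query */
    if (h.tc)
        return DNS_RETRY_TCP;         /* partial answer: repeat the query over TCP */
    return DNS_USE_ANSWER;
}

/* Constructed sample headers (not captured traffic): ID 0x1a2b, QR=1, RD=1, RA=1. */
static const unsigned char sample_truncated[12] =
    { 0x1a, 0x2b, 0x83, 0x80, 0, 1, 0, 0, 0, 0, 0, 0 };   /* TC=1, no answers */
static const unsigned char sample_complete[12] =
    { 0x1a, 0x2b, 0x81, 0x80, 0, 1, 0, 1, 0, 0, 0, 0 };   /* TC=0, one answer */

int main(void)
{
    printf("truncated reply -> %d\n", dns_udp_reply_action(sample_truncated, 12, 0x1a2b));
    printf("complete reply  -> %d\n", dns_udp_reply_action(sample_complete, 12, 0x1a2b));
    return 0;
}
```

A resolver without a TCP path can only report the `DNS_RETRY_TCP` case as a temporary failure, which matches the TempError in the log; dig repeats a truncated query over TCP by default.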

