[milters] Archive

Lists Index Date Thread Search

Article: 1846
From: Michael Grant
Date: 2008-03-15 10:23:08 -0400
Subject: Re: [SPAM] milter-spiff returning DNS UDP response truncated, TCP support not implemented

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

On Sat, Mar 15, 2008 at 12:55 PM, Anthony Howe <achowe@snert.com> wrote:
> > Milter: to=<user@example.com>, reject=451 4.4.3 sender
>  > <someone@accenture.com> via 170.252.72.96 SPF result TempError: DNS
>  > UDP response truncated, TCP support not implemented
>
> > Second, I don't know why this domain is returning a truncate bit on
>  > this dns query.  If I do it by hand with dig, it works fine.
>
>  Did you follow the chain of nested include: entries?

If you mean by using +trace in dig, yes.  Not a single response from a
query like 'dig -t txt +trace +all' returns anything longer than 512
bytes (I'm looking at the 'rcvd:' reported by dig), nor is the tc flag
set on any returned intermediate (or dig isn't reporting it).

>  > My understanding of DNS is that the udp query could truncate if the
>  > response is greater than 512 octets.  Is milter-spiff building a dns
>  > query that's sometimes returning data greater than this limit?
>
>  No. It is not in the building of the query, it is in the response(s)
>  returned.

I do realize, I wanted to see what you were querying to see if could
reproduce it with dig.

I had 8 messages rejected in the last 8 hours because of this from
various other domains.  This seems quite serious to me, am I the only
one seeing this?  I never saw this with milter-spiff 0.13.

I am using milter-spiff 0.14 and libmitler 1.66 that I downloaded on
12-mar-2008.

Michael Grant

Lists Index Date Thread Search