[rbldnsd] AAAA Queries?
Victor Duchovni
Victor.Duchovni at MorganStanley.com
Fri Jul 28 18:00:21 MSD 2006
On Fri, Jul 28, 2006 at 09:42:26AM -0400, Bri Bruns wrote:
> Here's whats going on, and its very simple. On machines with IPv6
> enabled and functioning, for example, a Linux box, the resolver queries
> go by default AAAA lookup, then a normal A lookup. I can't remember
> why - I think it has something to do with an IPv6 related RFC, where
> IPv6 is supposed to be tried first before IPv4 unless the resolver
> library is explicitly told to do so otherwise.
True for getaddrinfo(), but RBL lookups are not usually made from the
C-library getaddrinfo() routine. Rather RBL aware software makes
explicit DNS "T_A" lookups. If somebody writes broken RBL lookup
software that uses getaddrinfo() they need to be sent off for
"re-education"...
> Since all of my servers and dns servers are IPv6 enabled, this is what
> happens. Currently, we can even accept AHBL dnsbl queries directed at
> one of the servers via IPv6 as well (the others either I dont have
> control over, or haven't had time to set it up).
This is not a good explanation. The issue is a badly written RBL
lookup client. Postfix for example, will not make "AAAA" RBL lookups
even on the platforms you describe.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
More information about the rbldnsd
mailing list