Strange BIND 9.4.1-P1 problem
Fr34k
freaknetboy at yahoo.com
Wed Aug 15 13:46:39 UTC 2007
Are we saying that this issue only affects configurations with:
dnssec-validation yes;
...or am I jumping to the wrong conclusion?
Clarification appreciated.
Thank you.
Mark Andrews <Mark_Andrews at isc.org> wrote:
> Mark Andrews skrev, on 14-08-2007 02:28:
>
> >> [...]
> >>
> >>> Upgrade now.
> >>> When a fix is is available you will need to upgrade again.
> >>>
> >>> I do have a question for you.
> >>> Does this resolver have DNS validation enabled?
> >> How does a resolver do DNS validation? The MTA (Postfix latest stable)
> >> on all the sites I administer does DNS validation for each message it
> >> receives, and if an address isn't valid it gives an smtp 450 - till the
> >> sending MTA gives up in the end - or adapts. But how does a resolver do
> >> DNS validation?
> >
> > Named has a resolver built into it. It also has a server built into
> > it. Let me rephrase the question.
> >
> > Does named have DNS validation enabled?
>
> This is a new one on me. I've looked through the admin doc and grep
> -i'ed in the doc arm directory and all I can find is DNSsec validation,
> which I can understand. Nor does Google turn anything up about any DNS
> validation that I didn't know already.
>
> What's meant by "DNS validation" in this context?
dnssec-validation yes;
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users
mailing list