You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@spamassassin.apache.org by bu...@bugzilla.spamassassin.org on 2010/02/18 01:30:39 UTC
[Bug 6338] Use of Bit 0x20 in DNS Labels to Improve Transaction
Identity
https://issues.apache.org/SpamAssassin/show_bug.cgi?id=6338
--- Comment #1 from Mark Martinec <Ma...@ijs.si> 2010-02-18 00:30:37 UTC ---
Updated to:
=item dns_options opts (default: empty)
Provides a (whitespace or comma -separated) list of options applying to
DNS resolving. Available options are 'rotate' and 'dns0x20' (without quotes).
Option name may be negated by prepending a 'no' (e.g. 'norotate') to
counteract previously enabled option. The last setting in configuration
files prevails. By default options 'rotate' and 'dns0x20' are disabled.
Option 'rotate' [...]
Option 'dns0x20' enables randomization of letters in a DNS query label
according to draft-vixie-dnsext-dns0x20, decreasing a chance of collisions
of responses (by chance or by a malicious intent) by increasing spread
as provided by a 16-bit query ID and up to 16 bits of a port number,
with additional bits as encoded by flipping case (upper/lower) of letters
in a query. The number of additional random bits corresponds to the number
of letters in a query label. Should work reliably with all mainstream
DNS servers - do not turn on if you see frequent info messages
"dns: no callback for id:" in the log, or if RBL or URIDNS lookups
do not work for no apparent reason.
trunk:
Bug 6338: Use of Bit 0x20 in DNS Labels to Improve Transaction Identity
(adds 'dns_options dns0x20', allows negation of dns options, off by default)
Sending lib/Mail/SpamAssassin/Conf.pm
Sending lib/Mail/SpamAssassin/Dns.pm
Sending lib/Mail/SpamAssassin/DnsResolver.pm
Transmitting file data ...
Committed revision 911235.
--
Configure bugmail: https://issues.apache.org/SpamAssassin/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.