From kyler-keyword-maradns10.e74014 at lairds.com Tue Dec 1 12:48:29 2009 From: kyler-keyword-maradns10.e74014 at lairds.com (Kyler Laird) Date: Tue, 1 Dec 2009 11:48:29 -0600 Subject: WKS query handling for CSV2 star entries In-Reply-To: <077713FF-768C-4DA2-8238-5113F8E5432C@webconquest.com> References: <20091118030418.GX24381@lairds.com> <077713FF-768C-4DA2-8238-5113F8E5432C@webconquest.com> Message-ID: <20091201174829.GM17313@lairds.com> On Wed, Nov 18, 2009 at 04:48:11AM +0100, Remco Rijnders wrote: > >If I use > > csv2["*.ucmerced.edu."] = "star.ucmerced.edu.csv2" > >I get an error for WKS queries to matching domains. > > $ host -t wks eecs.ucmerced.edu engdns00.ucmerced.edu > > eecs.ucmerced.edu WKS record query refused by engdns00.ucmerced.edu > I don't think a construct like csv2["*.ucmerced.edu."] > is ever going to work. And yet it does. WKS records are the only problem I've noticed. > What you should do instead is create a single > zone file for your domain, so: > > csv2["ucmerced.edu."] = "ucmerced.edu.csv2" This machine is not authoritative for ucmerced.edu. When it pretends to be (SOA), it appears that machines that know it's not authoritative (including our campus's e-mail server) ignore its responses. That causes "timeout" errors in the mail server trying to deliver mail to us. It seems that star/wildcard records work alright except for WKS queries. I'm calling that a bug. --kyler From strenholme.usenet at gmail.com Tue Dec 1 13:02:36 2009 From: strenholme.usenet at gmail.com (Sam Trenholme) Date: Tue, 1 Dec 2009 12:02:36 -0600 Subject: WKS query handling for CSV2 star entries In-Reply-To: <20091201174829.GM17313@lairds.com> References: <20091118030418.GX24381@lairds.com> <077713FF-768C-4DA2-8238-5113F8E5432C@webconquest.com> <20091201174829.GM17313@lairds.com> Message-ID: <7bd685720912011002p3373f8bau3513d2dc571f9d98@mail.gmail.com> >> I don't think a construct like csv2["*.ucmerced.edu."] >> is ever going to work. > > And yet it does. ?WKS records are the only problem I've noticed. Well, you've found a bug then. I will update MaraDNS so that the 1.4 and 2.0 releases don't allow stars or other characters that will result in broken behavior like this. You put a star in a zone file like this: csv2["name.foo."] = "db.name.foo" and have db.name.foo look like this: *.name.foo. MX mail.name.foo. mail.name.foo. 10.1.2.3 Note the db.name.foo. Note that name.foo in the csv2 dictionary index. Note that there isn't a star there. No star in the dictionary name index. Repeat: No star in the dictionary name index. > It seems that star/wildcard records work alright except for WKS queries. > I'm calling that a bug. It's not a bug. It's only a bug if you correctly use MaraDNS and things don't work. Doing something that no documentation tells you to do like csv2["*.ucmerced.edu."] is going to cause problems, plain and simple. Telling experienced MaraDNS users who point out you're mistaken that you're right and they're wrong isn't going to solve your problem. RTFM. Don't assume things: http://www.maradns.org/tutorial/man.csv2.html - Sam Note: I do not answer MaraDNS support requests sent by private email without being compensated for my time. A MaraDNS support request is any and all discussion you may wish to have about MaraDNS in private email; if you want to email me to talk about MaraDNS then, yes, that is a support request. I will discuss rates if you want this kind of support. Thank you for your understanding. MaraDNS security vulnerability reports, however, will be dealt with without charge and kept confidential. If you don't know what Bugtraq is, then, no, your email is not a security report. From strenholme.usenet at gmail.com Wed Dec 2 11:41:39 2009 From: strenholme.usenet at gmail.com (Sam Trenholme) Date: Wed, 2 Dec 2009 10:41:39 -0600 Subject: WKS query handling for CSV2 star entries In-Reply-To: <7bd685720912011002p3373f8bau3513d2dc571f9d98@mail.gmail.com> References: <20091118030418.GX24381@lairds.com> <077713FF-768C-4DA2-8238-5113F8E5432C@webconquest.com> <20091201174829.GM17313@lairds.com> <7bd685720912011002p3373f8bau3513d2dc571f9d98@mail.gmail.com> Message-ID: <7bd685720912020841x44837e0ci1ae2f0ced3f45619@mail.gmail.com> > Well, you've found a bug then. ?I will update MaraDNS so that the 1.4 > and 2.0 releases don't allow stars or other characters that will > result in broken behavior like this. OK, done. I have fixed the head (1.4/2.0) branch of MaraDNS so stars are no longer allowed in zone names. In addition, I have added a FAQ entry that briefly discusses MaraDNS' star record support: http://maradns.org/faq.html#star - Sam