[exim-dev] [Bug 2329] New: valid DNS replies truncated to 20…

Top Page

Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2329] New: valid DNS replies truncated to 2048 byte
https://bugs.exim.org/show_bug.cgi?id=2329

            Bug ID: 2329
           Summary: valid DNS replies truncated to 2048 byte
           Product: Exim
           Version: 4.91
          Hardware: All
                OS: All
            Status: NEW
          Severity: bug
          Priority: medium
         Component: Networking
          Assignee: nigel@???
          Reporter: bjoern@???
                CC: exim-dev@???


I saw these today while searching for a DANE problem in exim:

3148310 DNS lookup of example.fi (MX) resulted in overlong packet (size 4643),
truncating to 2048.
3148310 DNS lookup of mail.example.fi (AAAA) resulted in overlong packet (size
2715), truncating to 2048.
3148310 DNS lookup of mail.example.fi (A) resulted in overlong packet (size
2703), truncating to 2048.
3148310 DNS lookup of mail3.example.fi (AAAA) resulted in overlong packet (size
2716), truncating to 2048.
3148310 DNS lookup of mail3.example.fi (A) resulted in overlong packet (size
2704), truncating to 2048.
3148310 DNS lookup of mail2.example.fi (AAAA) resulted in overlong packet (size
2716), truncating to 2048.
3148310 DNS lookup of mail2.example.fi (A) resulted in overlong packet (size
2704), truncating to 2048.
3148312 DNS lookup of _25._tcp.mail.example.fi (TLSA) resulted in overlong
packet (size 3139), truncating to 2048.

On this host the resolver library is instructed to make DNS via TCP only (see
the use-vc option of recolv.conf), so replies larger than 2048 are possible and
not uncommon with DNSSEC and DANE. Exim should not truncate DNS replies to 2048
as this might invalidate the result (like the TLSA records here)

--
You are receiving this mail because:
You are on the CC list for the bug.