https://bugs.exim.org/show_bug.cgi?id=2329
Bug ID: 2329
Summary: valid DNS replies truncated to 2048 byte
Product: Exim
Version: 4.91
Hardware: All
OS: All
Status: NEW
Severity: bug
Priority: medium
Component: Networking
Assignee: nigel@???
Reporter: bjoern@???
CC: exim-dev@???
I saw these today while searching for a DANE problem in exim:
3148310 DNS lookup of example.fi (MX) resulted in overlong packet (size 4643),
truncating to 2048.
3148310 DNS lookup of mail.example.fi (AAAA) resulted in overlong packet (size
2715), truncating to 2048.
3148310 DNS lookup of mail.example.fi (A) resulted in overlong packet (size
2703), truncating to 2048.
3148310 DNS lookup of mail3.example.fi (AAAA) resulted in overlong packet (size
2716), truncating to 2048.
3148310 DNS lookup of mail3.example.fi (A) resulted in overlong packet (size
2704), truncating to 2048.
3148310 DNS lookup of mail2.example.fi (AAAA) resulted in overlong packet (size
2716), truncating to 2048.
3148310 DNS lookup of mail2.example.fi (A) resulted in overlong packet (size
2704), truncating to 2048.
3148312 DNS lookup of _25._tcp.mail.example.fi (TLSA) resulted in overlong
packet (size 3139), truncating to 2048.
On this host the resolver library is instructed to make DNS via TCP only (see
the use-vc option of recolv.conf), so replies larger than 2048 are possible and
not uncommon with DNSSEC and DANE. Exim should not truncate DNS replies to 2048
as this might invalidate the result (like the TLSA records here)
--
You are receiving this mail because:
You are on the CC list for the bug.
