Subject: Re: switching from bind8 to bind9
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Robert Elz <kre@munnari.OZ.AU>
List: tech-net
Date: 11/18/2002 15:10:05
    Date:        Sun, 17 Nov 2002 15:44:57 +0100 (CET)
    From:        der Mouse <mouse@Rodents.Montreal.QC.CA>
    Message-ID:  <200211171451.JAA00804@Sparkle.Rodents.Montreal.QC.CA>

  | Are you volunteering a checking program?

No, I have no need for such a thing.

  | and I don't see what's wrong with bind including one

Because it has no way to be told what names (that are legal in the DNS,
it should certainly reject the ones that really are illegal - but there
aren't many of those) you happen to dislike, and which you don't.   If it
had a way that you could configure it with a list of bad names (or bad
name patterns, or something), I'd object less, but it doesn't.

That your server can even be configured to test my names and reject them
(even if that isn't the default way it is configured as shipped) is obscene.

  | What is your basis for saying they are "much more common and likely"?

Lots of DNS experience.

  | Beacuse _you_ are more likely to make them?  I regularly see domains
  | knocking on my mailserver's door claiming names that contain characters
  | illegal for use in domains within SMTP;

Yes, that happens a bit, but BIND usen't to disallow all of those (until
recently, '_' was illegal in SMTP names, but that one was mostly allowed in
BIND).

But in any case, the names you see at a mailserver haven't necessarily gone
anywhere near a DNS server - they've been configured in someone's mailer.
Having DNS servers reject them won't make them less likely to appear in SMTP.

The DNS server certainly cannot tell which particular names will appear in
SMTP contexts (it may guess that the ones with MX records might, but that's
just a guess).   It has no basis for enforcing SMTP's rules.

  | What is your basis for thinking that's _why_ bind9 doesn't do it?  It
  | seems at least as likely to me that they just haven't bothered yet.

I know the authors, and I know why they didn't include that stuff.   I also
know why that code was added in the first place.

kre