[Pdns-users] odd TXT record response

Thomas Mieslinger miesi at pc-h.de
Fri Apr 5 19:25:28 UTC 2013 

Hi Ed,

you simply can't. Please read carefully the section 3.3 of rfc1035 and 
section 3.1.3 of rfc4408.

Strings can not be longer than 255 Characters.

dig or whatever tool you you use displays where the string has been 
broken up. If your software can not concat the strings of a txt record 
together, the software is broken.

Yes, I know. A lot of software out there parsing spf/txt records can not 
cope with strings longer than 255 Characters.

But I think it is easier to fix the software than to extend the dns 
protocol.

Thomas

On 04/05/2013 08:18 PM, Ed wrote:
> HI List!
>
> I'm hoping there's and easy fix for this.
>
> Using :
> pdns-recursor-3.3-1.el6.x86_64
> pdns-backend-mysql-3.1-2.el6.x86_64
> pdns-3.1-2.el6.x86_64
>
> When implementing DKIM and querying the TXT records we found that some
> of them are being split in the middle with "  " ...  They are not in the
> database this way but show up in the authoritive response thus :
>
> default._domainkey.xxxxxx.net. 85551 IN    TXT    "v=DKIM1\; t=y\;
> p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjP6+vgjFoPQNClyQL56SAPDKRux6vBK4NhjsgC3BjmrRPKBVrwymWAfjQUcLh/F17n73lwC11lng2g2goUxKA98peU2TamIxUCJgzXKTWQaeSDZuM9K3E7Zz7WV3DsMdlesQgXpIpOpxOZFNQBbWBitP2w/nRDh3h3W5Fy8zECh8Sy6f+pf4tNsb5d5m3mWwbWxnqWM"
> "g3flGXmSriqg1s0NbHXNR1tQ96fjFVkQKnzvG38BhWWUWFUGVUze+gei/MtfDBbcyLNohcgRoBpK7SA4dLJKSMcRUPkRIS9o9Jk0kDqj76HUw+YqAABAS2+ok6gi2PlwTp62cEOOFj9GKQIDAQAB"
>
> Please disregard the wrap, see the "  " next to ...WM"  "g3...
>
> The actual record is thus:
>
> v=DKIM1; t=y;
> p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjP6+vgjFoPQNClyQL56SAPDKRux6vBK4NhjsgC3BjmrRPKBVrwymWAfjQUcLh/F17n73lwC11lng2g2goUxKA98peU2TamIxUCJgzXKTWQaeSDZuM9K3E7Zz7WV3DsMdlesQgXpIpOpxOZFNQBbWBitP2w/nRDh3h3W5Fy8zECh8Sy6f+pf4tNsb5d5m3mWwbWxnqWMg3flGXmSriqg1s0NbHXNR1tQ96fjFVkQKnzvG38BhWWUWFUGVUze+gei/MtfDBbcyLNohcgRoBpK7SA4dLJKSMcRUPkRIS9o9Jk0kDqj76HUw+YqAABAS2+ok6gi2PlwTp62cEOOFj9GKQIDAQAB
>
> This record is over 400 characters long.
>
> We also noticed that shorter records like this one:
>
> 426._domainkey.xxxxxxx.net. 86400 IN    TXT    "v=DKIM1\; k=rsa\; t=y\;
> p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDX4g65x3TtbcJG6te4BHXLoi/XvUgS86c4Tnt5Cz8+psivHlFpUCEn7PxoT3IwXZFRSu64r9rFIIpuMD7zJO8Q9LsNpLNX/TcKVFVKoLhYgWgH3k98dhFPEpgePxE4/I+7OxdEVttB+Aw7Oyf2WBNKPNuOWswo5U7Ue1dzaWzCFwIDAQAB"
>
> are not split.  This one is 242 characters.
>
> What do I need to do to get PDNS to stop inserting the  ..."  "... in
> the middle of the text record ?
>
> Thanks!
> --Ed
>
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>

More information about the Pdns-users mailing list