[Pdns-users] PowerDNS returns a malformed response when queried for a TXT record larger than 257 characters.

Augie Schwer augie.schwer at gmail.com
Tue Mar 30 00:12:38 UTC 2010


Hey Jullan,

Thank you for the reply -- my problem isn't how to compose a
multi-part SPF message inside a TXT record.

The problem I see is how PowerDNS (mis-)behaves when trying to serve a
non-compliant record.

PowerDNS returns NOERROR for the status and then returns a malformed message.

I understand the argument of "bad data in, bad data out"; I would
rather see PowerDNS not return bad data though.

--Augie

On Wed, Mar 24, 2010 at 6:14 PM, Julian Mehnle <julian at mehnle.net> wrote:
> Augie Schwer wrote:
>
>> PowerDNS returns a malformed response when queried for a TXT record
>> larger than 257 characters.
>>
>> [...]
>>
>> PowerDNS returns NOERROR and returns as much data as it can which ends
>> up creating the corrupt packet.
>>
>> Admittedly one shouldn't put bad data in (the above record is not RFC
>> compliant); I was hoping PowerDNS would handle the response better --
>> any of the response codes could fit and certainly not return a
>> malformed packet; I'd rather see an empty packet or maybe a truncated
>> RDATA and a NOERROR return code.
>
> The problem is that while a TXT record can contain multiple "strings" (the
> parts you have to enclose in double quotes in TXT records in both BIND
> and PowerDNS), each string can only be 256 bytes long at maximum by design
> -- one length octet plus 255 bytes of text (RFC 1035).  If you want to
> have a longer TXT record, you have to split it into several strings, like
> so:
>
>  "v=spf1 ip4:209.204.164.194 a mx mx:gordonmedical.com,
>   mx:mailin-02.mx.sonic.net,mx:g.mx.sonic.net, mx:mailin-01.mx.sonic.net,
>   mx:e.mx.sonic.net mx:a.mx.sonic.net, mx:c.mx.sonic.net,
>   mx:d.mx.sonic.net, mx:h.mx.sonic.net, mx:f.mx.sonic.net, mx:and "
>  "mx:b.mx."
>
> leaving a space between strings like so: "string1" "string2".  The SPF
> spec states that multiple strings will be concatenated seamlessly, so
> you'd probably have to include another space *in* the strings, either at
> the end of "string1 " or at the start of " string2".
>
> Note that this is different from splitting the record into several
> *records* (opposed to several strings in a single record).  This doesn't
> work with SPF since ordering among records is undefined by DNS and SPF
> wouldn't know how to concatenate them correctly.
>
> Of course you could just remove the erroneous commas and fix up the SPF
> record to get below the 256 characters limit in this particular case.
>
> -Julian
>
> _______________________________________________
> Pdns-users mailing list
> Pdns-users at mailman.powerdns.com
> http://mailman.powerdns.com/mailman/listinfo/pdns-users
>
>



-- 
Augie Schwer    -    Augie at Schwer.us    -    http://schwer.us
Key fingerprint = 9815 AE19 AFD1 1FE7 5DEE 2AC3 CB99 2784 27B0 C072



More information about the Pdns-users mailing list