From: Noel Jones (njonesmegan.vbhcs.org)
Date: Wed Mar 18 2009 - 08:49:11 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Bill Cole wrote:
> Noel Jones wrote, On 3/15/09 4:26 PM:
>> Sahil Tandon wrote:
>>> On Sun, 15 Mar 2009, Wietse Venema wrote:
>>>
>>>> Sahil Tandon:
>>>>> OpenDNS will not blindly redirect DNS queries that look like DNSBL
>>>>> requests. Notice the difference:
>>>>>
>>>>> % dig resolver1.opendns.com www.abcdefghijklmnop12345.com +short
>>>>> 208.69.32.132
>>>>> % dig resolver1.opendns.com
>>>>> 40.30.20.10.www.abcdefghijklmnop12345.com +short
>>>>> %
>>>> Note, this still breaks lookups of rfc-ignorant.org and other sites
>>>> that blacklist domain names instead of IP addresses.
>>>
>>> FWIW, OpenDNS appears to work with rfc-ignorant.org, but that's only
>>> because
>>> they know about it: http://www.opendns.com/support/article/33
>>>
>>>> If you must run an MX host, use a real DNS server.
>>>
>>> Agreed!
>>>
>>
>> If you sign up for a free account at OpenDNS you can turn off their
>> helpful typo-correction feature.
>>
>> Then OpenDNS works splendidly on an MX.
>> They do have a clue.
>
> No volume or quality of clues can trump the hard limit of the speed of
> light...
>
> The hardest problem with using someone else's DNS server (i.e. one many
> miles away across multiple router hops) for an MX host is that it will
> come with higher hard query latency (i.e. ultimately 'c' bound) and with
> less easily predicted higher latencies relative to a local cache that is
> dedicated to the MX host(s), which would have higher cache hit rates.

Your facts are correct, your conclusion is wrong.
But I'm done with this thread.

   -- Noel Jones

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]