[Dnsmasq-discuss] Using dnsmask for dkim, trying to patch dnsmasq
Thomas Carrié
ThoCar at free.fr
Sat Aug 28 00:54:36 BST 2010
Hello,
I am setting up a mail server with DKIM (exim4u).
DKIM requires that I put the public key of my domain in a TXT record, so I add
in dnsmasq.conf
txt-record=gamma._domainkey.sample.info,"v=DKIM1; t=y; k=rsa;
p=MIG1MA0GCSqGSIb3DQEBAQUAA4GjADCBnwKBlwxSuaM6ckdmIAHbz4KjlmUjmVxH6kMlaJi29fHa7lWonM0AWoBw9Pli/EULXHpVj71W6uJD/dGOQBlFjy0zOFBlR/yJU79rRqLwEPyDM8FoaLHHQWEcX/msoL5xjFS9R9l1+FJG5SmVVmQcyT0hgiyfW87xE3YhPspN6jnaukDYmzejGdivky9SowCrZWNgLtuxBjDaI20CAwEAAQ=="
The problem is that dnsmasq rejects such a long record.
I have changed the code (option.c) to accept longer TXT record, but then my
response headers are invalid, here are the messages I get from dig for my
patched dnsmasq
$ dig @127.0.0.1 gamma._domainkey.sample.info TXT
;; Warning: Message parser reports malformed message packet.
;; WARNING: Messages has 272 extra bytes at end
When I capture the response with tcpdump, the DNS answer in incomplete, only
the first 10 bytes are here, I do not understand why, the UDP header says that
338 bytes are supposed to be sent. The last byte of the DNS response is the
3rd byte of the DNS TTL.
Can someone explain me how is it possible to have mismatch between the UDP
length and the real content of the packet ?
Hope I can have a response from author and community weither it is a good idea
or not to accept longer TXT record and to add DKIM capabilities to dnsmaq ?
Thanks for your feedbacks
--
Thomas Carrié
More information about the Dnsmasq-discuss
mailing list