[Dnsmasq-discuss] Using dnsmasq for dkim, trying to patch dnsmasq

Thomas Carrié ThoCar at free.fr
Sat Aug 28 00:54:36 BST 2010


Hello,

I am setting up a mail server with DKIM (exim4u).

DKIM requires that I put the public key of my domain in a TXT record, so I add 
in dnsmasq.conf

txt-record=gamma._domainkey.sample.info,"v=DKIM1; t=y; k=rsa; p=MIG1MA0GCSqGSIb3DQEBAQUAA4GjADCBnwKBlwxSuaM6ckdmIAHbz4KjlmUjmVxH6kMlaJi29fHa7lWonM0AWoBw9Pli/EULXHpVj71W6uJD/dGOQBlFjy0zOFBlR/yJU79rRqLwEPyDM8FoaLHHQWEcX/msoL5xjFS9R9l1+FJG5SmVVmQcyT0hgiyfW87xE3YhPspN6jnaukDYmzejGdivky9SowCrZWNgLtuxBjDaI20CAwEAAQ=="

The problem is that dnsmasq rejects such a long record.

I have changed the code (option.c) to accept longer TXT records, but then my 
response headers are invalid. Here are the messages I get from dig for my 
patched dnsmasq:

$ dig @127.0.0.1 gamma._domainkey.sample.info TXT

;; Warning: Message parser reports malformed message packet.
;; WARNING: Messages has 272 extra bytes at end

When I capture the response with tcpdump, the DNS answer is incomplete: only 
the first 10 bytes are here. I do not understand why; the UDP header says that 
338 bytes are supposed to be sent. The last byte of the DNS response is the 
3rd byte of the DNS TTL.

Can someone explain to me how it is possible to have a mismatch between the UDP 
length and the real content of the packet?

I hope I can have a response from the author and community on whether it is a 
good idea or not to accept longer TXT records and to add DKIM capabilities to 
dnsmasq?

Thanks for your feedback
-- 
Thomas Carrié
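
Added example, not part of the original post and not dnsmasq's code: in RFC 1035 the RDATA of a TXT record is a sequence of character-strings, each prefixed by one length octet, so a value longer than 255 bytes (such as the DKIM key above) has to be split into several strings. The helper names and the 300-byte sample value are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Encode a TXT value as RFC 1035 RDATA: <character-string>s, each one length
   octet plus at most 255 data octets. Returns the RDATA length, or 0 if it
   exceeds out[cap] or the 16-bit RDLENGTH. Hypothetical helper, not dnsmasq's. */
size_t txt_rdata_encode(const unsigned char *val, size_t len,
                        unsigned char *out, size_t cap)
{
    size_t off = 0, pos = 0;
    size_t need = len > 65535 ? 0 : len + (len ? (len + 254) / 255 : 1);
    if (need == 0 || need > 65535 || need > cap)
        return 0;
    do {                                  /* an empty value is one empty string */
        size_t n = len - off > 255 ? 255 : len - off;
        out[pos++] = (unsigned char)n;    /* length octet can never exceed 255 */
        memcpy(out + pos, val + off, n);
        pos += n;
        off += n;
    } while (off < len);
    return pos;
}

/* Walk RDATA as a resolver would and join the strings into out[cap].
   Returns the joined length, or -1 if a length octet runs past the end
   of the RDATA (a malformed record) or out is too small. */
long txt_rdata_decode(const unsigned char *rd, size_t rdlen,
                      unsigned char *out, size_t cap)
{
    size_t pos = 0, total = 0;
    while (pos < rdlen) {
        size_t n = rd[pos++];
        if (n > rdlen - pos || n > cap - total)
            return -1;
        memcpy(out + total, rd + pos, n);
        pos += n;
        total += n;
    }
    return (long)total;
}

int main(void)
{
    unsigned char val[300], rd[512], back[512];   /* constructed 300-byte value */
    memset(val, 'A', sizeof val);
    size_t n = txt_rdata_encode(val, sizeof val, rd, sizeof rd);
    printf("rdata=%zu first=%u second=%u joined=%ld\n", n, (unsigned)rd[0],
           (unsigned)rd[256], txt_rdata_decode(rd, n, back, sizeof back));
    return 0;
}
```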


