> Am 30.10.2023 um 16:59 schrieb Michael Martinell via bind-users > <bind-users@lists.isc.org>: > > Thanks to all who responded. Putting qname-minimization disabled; in > named.conf resolves the issue in my testing. > > I did try specifying relaxed (which appears to be the default), but that > didn’t work either. > > I agree it would be great if the far ends would make sure what they publish > is correct, but it will take a large company to push them to do so. >
I usually tell people that the other side needs to fix their stuff. Mostly happens when people fubar their DNSSEC setup. But this name server stuff (more often then not, it’s some Load-Balancer acting as a DNS-server) In both cases: I usually ask them if they can be absolutely sure if the other side hasn’t been hacked? You don’t go and try to override broken SSL certificate setups with HSTS, do you? That said, I’m still on 9.16, too.
-- Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
