On 24/04/10 18:14, Chris Thompson wrote:
> It occurs to me that this issue hasn't yet been mentioned on this mailing
> list, and that it might be as well to alert people here to it.
>
> qmail, as abandoned [completed?] by its author, has a bug which shows
> up if a DNS query with type ANY for a mail domain name gives a response
> of more than 512 bytes. Although that can happen for various reasons,
> it is quite inevitable if the mail domain name is the apex of a signed
> zone.

Interesting, and unfortunate given how (ahem) vocal I have found djb 
software users to be...

FWIW we've decided to test this by adding a large TXT to the apex of our 
zone, pointing qmail users to a description of the problem. This seems 
easier to backout than a zone signing and will allow us to gauge the 
scope of the problem (frankly I'm inclined to not worry about it!)