On Thu, 2004-11-11 at 09:23, Helmut Schneider wrote:

> query-source address * port 53;


Don't do that. DNS forgery is much easier when you do that, and some
firewalls will probably block queries originating from port 53 as well.

For more information on DNS forgery, read this:

http://cr.yp.to/djbdns/forgery.html

Ketil Froyn
ketil@froyn.name
http://ketil.froyn.name/