The advanced DNS settings can be configured on the page of the Administration Tool.
The Timeout value limits the time ORF waits for the result of a single DNS lookup. The valid range is between 1 and 500 seconds. When this limit is exceeded, ORF either gives up, skips the given DNS-based test and proceeds with the rest (if any) or repeats the query using another DNS server (external resolver only), depending on your settings.
It is recommended to keep the timeout below 10-12 seconds, especially if you have multiple DNS servers listed or have many DNS-based tests (like DNS blacklists and SURBLs) enabled.
If enabled, the Perform DNS blacklist TXT lookups where available option forces ORF to perform TXT record DNS lookups where available.
Some DNS blacklists and SURBLs provide human-readable text information about the blacklisting reason. This information is returned to the remote SMTP server when ORF rejects the email. ORF has to perform an additional DNS lookup to get this information.
By turning this off, you may speed up lookups a bit (since no TXT data will be queried), but less information will be returned to the blocked sender about the reason for the rejection.
DNS uses the UDP transport protocol by default. UDP is packet-based and the maximum size of the packets is limited. When the DNS record data is too large to fit in a UDP packet, ORF can repeat the lookup using the TCP protocol, which does not have this packet-size limitation. Enabling the Allow DNS to fall back to TCP from UDP option allows such protocol fallback. Disabling this option will prevent ORF from falling back to TCP. It is recommended to keep this option enabled.
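The UDP-to-TCP fallback described above depends on the truncation (TC) bit in the DNS response header. The following is an added example, not ORF's own code: it builds a blacklist TXT query, checks a UDP response for the TC bit, and frames the query for a TCP retry. The function names, the zone dnsbl.example and the sample bytes are assumptions constructed for illustration.

```python
import struct

TC_FLAG = 0x0200            # TC (truncated) bit in the DNS header flags word
QTYPE_TXT = 16              # TXT record type, used for the blacklisting reason

def dnsbl_name(ipv4, zone):
    """DNSBL convention: reversed IPv4 octets followed by the list's zone."""
    return ".".join(reversed(ipv4.split("."))) + "." + zone

def build_query(qname, qtype, txid):
    """Encode a one-question DNS query (class IN, recursion desired)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def is_truncated(response):
    """True when the server set TC: the answer did not fit in the UDP packet."""
    if len(response) < 12:
        raise ValueError("DNS message shorter than its 12-byte header")
    (flags,) = struct.unpack("!H", response[2:4])
    return bool(flags & TC_FLAG)

def frame_for_tcp(query):
    """Over TCP each DNS message is preceded by its length as 2 bytes."""
    return struct.pack("!H", len(query)) + query

def next_step(udp_response, allow_tcp_fallback):
    """Hypothetical decision mirroring the option described above."""
    if not is_truncated(udp_response):
        return "use-udp-answer"
    # What ORF does with a truncated answer when fallback is off is not
    # stated on the page; this sketch only reports that no retry happens.
    return "retry-over-tcp" if allow_tcp_fallback else "no-tcp-retry"

# Constructed sample data: documentation address and a made-up zone.
QUERY = build_query(dnsbl_name("192.0.2.99", "dnsbl.example"), QTYPE_TXT, 0x1A2B)
# Constructed response headers: flags 0x8380 has TC set, 0x8180 does not.
TRUNCATED = struct.pack("!HHHHHH", 0x1A2B, 0x8380, 1, 0, 0, 0)
COMPLETE = struct.pack("!HHHHHH", 0x1A2B, 0x8180, 1, 1, 0, 0)

if __name__ == "__main__":
    for name, resp in (("truncated", TRUNCATED), ("complete", COMPLETE)):
        for allow in (True, False):
            print(name, "fallback on" if allow else "fallback off",
                  "->", next_step(resp, allow))
    print("TCP frame length:", len(frame_for_tcp(QUERY)))
```

When testing a resolver path, a firewall that permits UDP port 53 but blocks TCP port 53 produces the same outcome as disabling the option: truncated answers are never completed.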