Not entirely on subject but.... I thought that allowing DNS queries to
occur via TCP is mission critical for simple mail routing. We ran across
this back in the day at @Home Network. Firewall rules were changed to not
allow port 53 TCP. This severely affected sending mail to large
distribution lists. Here is what we found and forgive me if I don't go into
too much detail as it was almost 10 years a go.
As I said, sites just don't do this as it causes serious
problems. Sites that disable TCP/53 outbound just end up
re-enabling it. Nameservers and stub resolvers automatically
retry with TCP and the client applications just don't get
answers returned when you start blocking TCP/53 outbound.
It doesn't take long for said stupidity to be reversed.
If you add enough recipients to an email, each domain within the send line
needs to have an associated MX record. DNS by default starts with UDP which
has a limit to the datagram size (64bit). A flag is placed in the
header which then requires the request to be sent via TCP (160bit V4). Now
that single query can be split up into many different packets providing that
the request is more than the 160 bit and obviously IPV6 offers even more
information contained in a single packet.
The number of recipients has no impact on the size of the
DNS responses. It will have a impact on the number of DNS
queries made iff the receipents are in multiple mail domains.