Victor Duchovni wrote:
> On Thu, Jan 22, 2009 at 12:57:30PM +0100, Schilling, Timo wrote:
>
>> Hello to everybody,
>>
>> while we use the option "reject_unknown_helo_hostname" we noticed that
>> single hostnames will be rejected without contacting the dns-servers.
>> After some debugging of the source code we got to this line:
>> This part is out of the "dns_lookup.c" and function "dns_query"
>> 226 _res.options &= ~saved_options;
>>
>> where the flag "RES_DEFNAMES" will be negated and so no
>> domain-information will be added to the hostname.
>
> The hostname used with the HELO command in SMTP is required to be
> the full hostname of the client not a leading prefix. If the hostname
> is really just a single label as in:
>
> ai. 14388 IN A 209.59.119.34
> ai. 14388 IN MX 10 mail.offshore.ai.
>
> Then it can use "HELO ai" and will pass the "reject_unknown_helo_hostname"
> test.

I think you got my question wrong. I don't want the TLD as hostname, I mean a hostname in a non-fqdn-format.

So for example a mail server connects with:

ehlo server1

but it should be:

server1.mydomain.com

I know the name should be fqdn, but we have the option "reject_non_fqdn_helo_hostname" to reject such hosts, if we want to.

Postfix shouldn't negate the flag (from 1 to 0) so that the function "res_search" doesn't append the known domain information. But it is done in the above mentioned file, but why?

BTW: I don't think the "ai" from your example will be resolved, because postfix will not ask the dns-server while there are no dots in the name.

Regards
Timo Schilling

>
> Whether TLDs as hosts or mail domains are a good idea, is not a discussion
> I want to repeat here, too badly bruised from the one just dying down
> on another list.
>
> Summary: FWIW, I believe that ICANN's gTLD expansion is a terrible,
> perhaps even irresponsible idea, and the changes in RFC 5321 to support
> <localp...@tld> email addresses is not well thought out. I hope such
> addresses never come into serious use.
>
> The folks arguing stridently against me also think ICANN's policy is a
> bad idea, but believe that "progress" in this direction is inevitable,
> and that it is OK to implement unreliable behaviour provided it is right
> "most of the time", and so want to see <localp...@tld> work when the TLD
> is known to exist, and to be treated as a local partial name otherwise.
>
> This "have your cake and eat it" requirement has no reliable
> implementation that does the right thing when DNS lookups tempfail. It
> also has no sensible implementation in disconnected environments, ...
>
> The above is just for the record. I *really* don't want to start a
> discussion of the merits here. Time will tell whether Postfix needs
> to adapt to a world with mail-enabled TLD domains and/or hosts.
>