> On Oct 7, 2019, at 7:46 PM, Jaroslaw Rafa <r...@rafa.eu.org> wrote:
>
>> Unless your system sends all mail to statically configured
>> relays listed in /etc/hsots, you MUST NOT set:
>>
>> smtp_host_lookup = native
>
> But "native" doesn't mean /etc/hosts only! Native means system-configured
> name resolution and this is defined by /etc/nsswitch.conf and/or
> /etc/host.conf. nsswitch.conf contains the entry "hosts: files dns" and
> host.conf contains "order hosts,bind". Both entries mean - try to resolve
> using /etc/hosts first, and if the name is not found in /etc/hosts, resolve
> using normal DNS. And this is the way it's working for me right now.
Native is wrong for resolving DNS MX hostnames since, it may
try to erroneously append default domains (from the resolv.conf
search list) to fully-qualified DNS names.
While a sufficiently small "ndots" might keep you out of trouble,
"native" also breaks visibility of DNSSEC and is therefore
incompatible with DANE.
It also precludes use of the Postfix "smtp_dns_reply_filter".
It may mostly work for you, but is NOT recommended.
--
Viktor.
