[Mimedefang] Trailing dots in hostname lookups
Kenneth Porter
shiva at sewingwitch.com
Fri Feb 2 18:35:08 EST 2024
I was recently reminded that a DNS lookup of a name with one internal dot
but no trailing dot will cause the resolver to first search the domain
search list before submitting the unmodified name to the DNS server. (I'd
seen a story about the proposed .internal domain and chasing through
related links turned up the resolver dot rule.)
<https://www.theverge.com/2024/1/30/24055534/web-private-network-internal-icann-name>
Today I was looking into a user's bounce and found that
us-smtp-inbound-1.mimecast.com transiently failed to resolve in
/var/log/maillog. I then grepped my BIND queries log and saw that queries
were first going through the search list and suffixing MX server names with
the local LAN domains before finding it in the external DNS. Not the issue
for this bounce, but I'm wondering if this is a reasonable thing to do for
hostnames found in MX records.
What I can't tell is which program is doing the lookup and stripping the
trailing dot from the MX result. I'm guessing it's sendmail, not MD,
SpamAssassin or some other thing in my mail chain. But it could be MD.
Is this something to even be worried about? My search list has 4 entries so
every lookup fails 4 times before it resolves to the external MX server.
More information about the MIMEDefang
mailing list