[Mimedefang] Trailing dots in hostname lookups

Kenneth Porter shiva at sewingwitch.com
Fri Feb 2 18:35:08 EST 2024


I was recently reminded that a DNS lookup of a name with one internal dot 
but no trailing dot will cause the resolver to first search the domain 
search list before submitting the unmodified name to the DNS server. (I'd 
seen a story about the proposed .internal domain and chasing through 
related links turned up the resolver dot rule.)

<https://www.theverge.com/2024/1/30/24055534/web-private-network-internal-icann-name>

Today I was looking into a user's bounce and found that 
us-smtp-inbound-1.mimecast.com transiently failed to resolve in 
/var/log/maillog. I then grepped my BIND queries log and saw that queries 
were first going through the search list and suffixing MX server names with 
the local LAN domains before finding it in the external DNS. Not the issue 
for this bounce, but I'm wondering if this is a reasonable thing to do for 
hostnames found in MX records.

What I can't tell is which program is doing the lookup and stripping the 
trailing dot from the MX result. I'm guessing it's sendmail, not MD, 
SpamAssassin or some other thing in my mail chain. But it could be MD.

Is this something to even be worried about? My search list has 4 entries so 
every lookup fails 4 times before it resolves to the external MX server.
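
The check described in the message (grepping the BIND query log for MX hostnames that were suffixed with local search domains) can be scripted as below. This is an added example, not part of the original post: the four search domains and the log lines are constructed placeholders, and the line layout assumes BIND 9 query logging.

```python
import re
from collections import defaultdict

# Assumption: placeholder search domains; the post says only that its list has 4 entries.
SEARCH_LIST = ["lan.example", "office.example", "vpn.example", "home.example"]

# Constructed sample lines in BIND 9 query-log layout (not taken from the poster's server).
SAMPLE_LOG = """\
02-Feb-2024 18:20:01.101 client @0x7f00 127.0.0.1#40001 (us-smtp-inbound-1.mimecast.com.lan.example): query: us-smtp-inbound-1.mimecast.com.lan.example IN A + (127.0.0.1)
02-Feb-2024 18:20:01.105 client @0x7f00 127.0.0.1#40002 (us-smtp-inbound-1.mimecast.com.office.example): query: us-smtp-inbound-1.mimecast.com.office.example IN A + (127.0.0.1)
02-Feb-2024 18:20:01.109 client @0x7f00 127.0.0.1#40003 (us-smtp-inbound-1.mimecast.com.vpn.example): query: us-smtp-inbound-1.mimecast.com.vpn.example IN A + (127.0.0.1)
02-Feb-2024 18:20:01.113 client @0x7f00 127.0.0.1#40004 (us-smtp-inbound-1.mimecast.com.home.example): query: us-smtp-inbound-1.mimecast.com.home.example IN A + (127.0.0.1)
02-Feb-2024 18:20:01.117 client @0x7f00 127.0.0.1#40005 (us-smtp-inbound-1.mimecast.com): query: us-smtp-inbound-1.mimecast.com IN A + (127.0.0.1)
02-Feb-2024 18:21:10.200 client @0x7f00 127.0.0.1#40006 (printer.lan.example): query: printer.lan.example IN A + (127.0.0.1)
02-Feb-2024 18:22:30.300 client @0x7f00 127.0.0.1#40007 (mail.example.org): query: mail.example.org IN MX + (127.0.0.1)
"""

QUERY_RE = re.compile(r"query: (\S+) IN (\S+)")


def search_list_expansions(log_text, search_list):
    """Return {external name: [search suffixes that were appended to it]}."""
    # Longest suffix first, so nested search domains match the most specific one.
    suffixes = sorted((s.lower().rstrip(".") for s in search_list),
                      key=len, reverse=True)
    seen = set()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if m:
            seen.add(m.group(1).lower().rstrip("."))

    hits = defaultdict(set)
    for qname in seen:
        for suffix in suffixes:
            if qname.endswith("." + suffix):
                base = qname[: -len(suffix) - 1]
                # Report only multi-label names that were also queried bare:
                # that pattern is a search-list expansion, not a real LAN host.
                if "." in base and base in seen:
                    hits[base].add(suffix)
                break
    return {name: sorted(sfx) for name, sfx in hits.items()}


if __name__ == "__main__":
    for name, sfx in search_list_expansions(SAMPLE_LOG, SEARCH_LIST).items():
        print(f"{name}: {len(sfx)} suffixed lookups before the bare name ({', '.join(sfx)})")
```

Names reported here are external hostnames that were sent to the resolver with a local suffix appended; a genuine LAN host such as the constructed `printer.lan.example` is not flagged.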



