[Gllug] * on mail exchanger records

home at alexhudson.com
Tue Jul 24 09:17:51 UTC 2001


On Mon, Jul 23, 2001 at 11:47:49PM +0100, Tom Gilbert wrote:
> Actually that's old school - DNS doesn't work that way anymore on any
> relatively modern OS. If you are in domain foo.com and you look up
> bar.com, it will look up "bar.com." first, then it will try in your
> domain. There has to be at least two dots (including the last) for it to
> look for it as a fully qualified domain name, if there isn't one it will
> try the current domain first.

I think you're absolutely right Tom - but I think I differ slightly on
interpretation wrt. the last dot. Looking up bar.com. will only look up
bar.com, because you're specifying the root zone (""), however you don't
need the last dot (it seems) because the resolver will actually do things
the other way around at the start, no matter what domain you're actually in.

It seems that current resolvers will supplant the usual search order if the
search term has at least one '.' in it - that is, if you look up bar.com it
will first attempt to resolve bar.com., and then bar.com.localdomain. . I've
been told that this was to alleviate people with fubar'd DNS records
(wildcards being a primary source of confusion). 

So, let's say our resolv.conf is something like:
	nameserver X
	search foo.com bar.com

On this machine, looking up buzz.com will immediately return buzz.com.
However, looking up buzz will first search for buzz.foo.com., buzz.bar.com.,
before looking for buzz. So, you could say that search order is basically
reversed for those machines which don't specify search... in their
resolv.conf, since they only search two domains anyway.

I can see this happen 'in the wild', so to speak, because a lookup on
nonexistent.linux.com returns nonexistent.linux.com.localdomain, but a
lookup for www.linux.com returns the IP address for www.linux.com.

Nothing I've seen makes me think wildcard MX records aren't completely,
utterly, wrong yet :(. I've seen mention of the destruction they cause in
RFCs (there is one RFC dedicated to how E.D.U. screwed up the DNS system
when they purchased edu.com and put in a wildcard CNAME :), sendmail.org has
various cogent arguments as to why they play havoc with SMTP relays, etc. I
just don't see any good arguments for having them (outside of a LAN, that
is). They just seem to suck :(

Cheers,

Alex.
-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
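
The search order described in the message above, as an added example that is not part of the original post: it computes the names a stub resolver tries for the posted resolv.conf, then replays the linux.com observation against a constructed wildcard zone. The function names and the sample zone are hypothetical; the dot threshold is the standard resolv.conf `ndots` option (default 1), and no network access is used.

```python
# Added example: candidate-name order for a stub resolver with a search list.
# Function names and the sample zone are hypothetical; nothing here queries DNS.

RESOLV_CONF = """\
nameserver X
search foo.com bar.com
"""  # the resolv.conf quoted in the message above

def parse_resolv_conf(text):
    """Return (search_list, ndots); ndots defaults to 1 when not set."""
    search, ndots = [], 1
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] in ("search", "domain"):
            search = fields[1:]  # a later search/domain line replaces an earlier one
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots

def candidates(name, search, ndots=1):
    """Fully qualified names to try, in order, for one lookup."""
    if name.endswith("."):
        return [name]  # trailing dot: absolute name, search list is skipped
    absolute = name + "."
    suffixed = [f"{name}.{domain.rstrip('.')}." for domain in search]
    if name.count(".") >= ndots:
        return [absolute] + suffixed  # dotted name: tried as typed first
    return suffixed + [absolute]      # bare name: search list first

def wildcard_zone(exact, wildcard_suffix):
    """Constructed stand-in for DNS: exact names plus one wildcarded zone."""
    return lambda fqdn: fqdn in exact or fqdn.endswith("." + wildcard_suffix)

def resolve(name, search, ndots, answers):
    """Return the first candidate the oracle answers for, else None."""
    for fqdn in candidates(name, search, ndots):
        if answers(fqdn):
            return fqdn
    return None

if __name__ == "__main__":
    search, ndots = parse_resolv_conf(RESOLV_CONF)
    for name in ("buzz.com", "buzz", "bar.com."):
        print(name, "->", candidates(name, search, ndots))
    dns = wildcard_zone({"www.linux.com."}, "localdomain.")
    for name in ("www.linux.com", "nonexistent.linux.com"):
        print(name, "->", resolve(name, ["localdomain"], 1, dns))
```

With the wildcard in place, the nonexistent name never produces a "no such host" result: the fallback to the search domain answers for it.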