Malformed DNS server reply

  • Chip Marshall
    Message 1 of 9 , Aug 8, 2008
      Came across something odd today. I was trying to sign up at fuelly.com,
      but my Postfix mail server is rejecting their signup confirmation e-mail
      with the following:

      Aug 8 12:03:47 kyzoku postfix/smtpd[38670]: NOQUEUE: reject: RCPT from fuelly.com[174.133.216.50]: 450 4.1.8 <Fuelly@...>: Sender address rejected: Malformed DNS server reply; from=<Fuelly@...> to=<chip@...> proto=ESMTP helo=<fuelly.com>

      I decided to do some digging into their DNS, and found an odd-looking MX
      record:

      $ dig fuelly.com mx +short
      5 .

      I've never seen the root used as a mail exchanger before, and am
      guessing this is seen as a bad answer. At the very least, . has no A or
      AAAA records.

      Is this some sort of odd anti-spam thing? Or is the domain just set up
      badly?

      --
      Chip Marshall <chip@...>
      http://weblog.2bithacker.net/ KB1QYW PGP key ID 43C4819E
      v4sw5PUhw4/5ln5pr5FOPck4ma4u6FLOw5Xm5l5Ui2e4t4/5ARWb7HKOen6a2Xs5IMr2g6CM
    • Wietse Venema
      Message 2 of 9 , Aug 8, 2008
        Chip Marshall:
        > Came across something odd today. I was trying to sign up at fuelly.com,
        > but my Postfix mail server is rejecting their signup confirmation e-mail
        > with the following:
        >
        > Aug 8 12:03:47 kyzoku postfix/smtpd[38670]: NOQUEUE: reject: RCPT from fuelly.com[174.133.216.50]: 450 4.1.8 <Fuelly@...>: Sender address rejected: Malformed DNS server reply; from=<Fuelly@...> to=<chip@...> proto=ESMTP helo=<fuelly.com>
        >

        Postfix also logs a warning.

        > I decided to do some digging into their DNS, and found an odd-looking MX
        > record:
        >
        > $ dig fuelly.com mx +short
        > 5 .
        >
        > I've never seen the root used as a mail exchanger before, and am
        > guessing this is seen as a bad answer. At the very least, . has no A or
        > AAAA records.
        >
        > Is this some sort of odd anti-spam thing? Or is the domain just set up
        > badly?

        It is an anti-spam hack. By my reading of the RFCs, a zero-length
        MX hostname is not a valid domain.

        Postfix complains about the malformed reply, and does not attempt
        to look up the A record, because it did not get a correctly formed
        MX response. So the hack works.

        Wietse
      • Бак Микаел
        Message 3 of 9 , Apr 29, 2011
          Hi list,

          I saw this in my logs:

          Apr 29 14:58:08 mx postfix/smtpd[4880]: connect from
          xxx.yyy.zzz[xxx.yyy.zzz.xxx]
          Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: valid_hostname: empty
          hostname
          Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: malformed domain name
          in resource data of MX record for somedomain.com:
          Apr 29 14:58:09 mx postfix/smtpd[4880]: NOQUEUE: reject: RCPT from
          xxx.yyy.zzz[xxx.yyy.zzz.xxx]: 450 4.1.8 <info@...>: Sender
          address rejected: Malformed DNS server reply; from=<info@...>
          to=<user@...> proto=ESMTP helo=<xxx.yyy.zzz>
          Apr 29 14:58:09 mx postfix/smtpd[4880]: disconnect from
          fxxx.yyy.zzz[xxx.yyy.zzz.xxx]

          And:

          $ host somedomain.com
          somedomain.com has address yyy.zzz.xxx.yyy
          somedomain.com mail is handled by 0 .

          This looks like a Null MX record:
          http://tools.ietf.org/html/draft-delany-nullmx-00

          If the domain owner declares that this domain never sends or receives
          email, then shouldn't postfix reject the above message with a permanent
          error?

          TIA,
          Mikael Bak
        • Wietse Venema
          Message 4 of 9 , Apr 29, 2011
            > Hi list,
            >
            > I saw this in my logs:
            >
            > Apr 29 14:58:08 mx postfix/smtpd[4880]: connect from
            > xxx.yyy.zzz[xxx.yyy.zzz.xxx]
            > Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: valid_hostname: empty
            > hostname
            > Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: malformed domain name
            > in resource data of MX record for somedomain.com:

            There is no Internet RFC that says that an empty hostname is valid.
            Postfix was not built by experimentation of "what works". Instead,
            Postfix was built by looking at official email standards. Then, I
            added hacks and workarounds for systems that don't play by the
            rules.

            > Apr 29 14:58:09 mx postfix/smtpd[4880]: NOQUEUE: reject: RCPT from
            > xxx.yyy.zzz[xxx.yyy.zzz.xxx]: 450 4.1.8 <info@...>: Sender
            > address rejected: Malformed DNS server reply; from=<info@...>
            > to=<user@...> proto=ESMTP helo=<xxx.yyy.zzz>
            > Apr 29 14:58:09 mx postfix/smtpd[4880]: disconnect from
            > fxxx.yyy.zzz[xxx.yyy.zzz.xxx]
            >
            > And:
            >
            > $ host somedomain.com
            > somedomain.com has address yyy.zzz.xxx.yyy
            > somedomain.com mail is handled by 0 .
            >
            > This looks like a Null MX record:
            > http://tools.ietf.org/html/draft-delany-nullmx-00
            >
            > If the domain owner declares that this domain never sends or receives
            > email, then shouldn't postfix reject the above message with a permanent
            > error?

            Anyone can post a draft. That does not mean that they change
            the rules of the Internet.

            The SMTP RFC says that the MX record specifies a hostname, and
            there is no RFC that says an empty string is a valid hostname.

            The warning message is an example of a workaround hack that I put
            in for systems that don't supply valid hostnames in their MX records.

            Wietse
          • Reindl Harald
            Message 5 of 9 , Apr 29, 2011
              On 29.04.2011 15:15, Бак Микаел wrote:
              > Apr 29 14:58:08 mx postfix/smtpd[4880]: connect from
              > xxx.yyy.zzz[xxx.yyy.zzz.xxx]
              > Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: valid_hostname: empty
              > hostname
              > Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: malformed domain name
              > in resource data of MX record for somedomain.com:
              > Apr 29 14:58:09 mx postfix/smtpd[4880]: NOQUEUE: reject: RCPT from
              > xxx.yyy.zzz[xxx.yyy.zzz.xxx]: 450 4.1.8 <info@...>: Sender
              > address rejected: Malformed DNS server reply; from=<info@...>
              > to=<user@...> proto=ESMTP helo=<xxx.yyy.zzz>
              > Apr 29 14:58:09 mx postfix/smtpd[4880]: disconnect from
              > fxxx.yyy.zzz[xxx.yyy.zzz.xxx]

              normally i write a mail to the admin or abuse of the network
              if the mail-config of them is totally broken if i see such
              things in my logs, i know it will not heal the world but
              maybe some ignorant admins wake up

              > And:
              >
              > $ host somedomain.com
              > somedomain.com has address yyy.zzz.xxx.yyy
              > somedomain.com mail is handled by 0 .
              >
              > This looks like a Null MX record:
              > http://tools.ietf.org/html/draft-delany-nullmx-00
              >
              > If the domain owner declares that this domain never sends or receives
              > email, then shouldn't postfix reject the above message with a permanent
              > error?

              as wietse said: this is a draft

              the indication that the domain does not send mail should be
              done in a SPF like the following, but this does not interest
              postfix and is only a hint for spam-scoring

              we do this automatically in our dns-backends while generating
              zone-files for domains without mx-records

              domain.tld. 7200 IN TXT "v=spf1 -all"
            • Victor Duchovni
              Message 6 of 9 , Apr 29, 2011
                On Fri, Apr 29, 2011 at 09:39:10AM -0400, Wietse Venema wrote:

                > > This looks like a Null MX record:
                > > http://tools.ietf.org/html/draft-delany-nullmx-00
                > >
                > > If the domain owner declares that this domain never sends or receives
                > > email, then shouldn't postfix reject the above message with a permanent
                > > error?
                >
                > Anyone can post a draft. That does not mean that they change
                > the rules of the Internet.
                >
                > The SMTP RFC says that the MX record specifies a hostname, and
                > there is no RFC that says an empty string is a valid hostname.

                This said Null MX records are IMHO a reasonably simple/clean idea. Pity
                it never got officially blessed. I seem to recall that same concession
                to Null MX records was made in a Postfix release a while back...

                20050726

                Horror: total rewrite of DNS client error handling because
                some misguided proposal attempts to give special meaning
                to some syntactically invalid MX hostname lookup result.
                Not only that, people expect sensible results with
                reject_unknown_sender_domain etc. Files: dns/dns_lookup.c,
                smtp/smtp_addr.c smtpd/smtpd_check.c, lmtp/lmtp_addr.c.

                [...]

                20061227

                Bugfix (introduced with Postfix 2.3): the MX hostname syntax
                check was skipped with reject_unknown_helo_hostname and
                reject_unknown_sender/recipient_domain, so that Postfix
                would still accept mail from domains with a zero-length MX
                hostname. File: smtpd/smtpd_check.c.

                Which release is the OP using?

                --
                Viktor.
              • Wietse Venema
                Message 7 of 9 , Apr 29, 2011
                  Victor Duchovni:
                  > On Fri, Apr 29, 2011 at 09:39:10AM -0400, Wietse Venema wrote:
                  >
                  > > > This looks like a Null MX record:
                  > > > http://tools.ietf.org/html/draft-delany-nullmx-00
                  > > >
                  > > > If the domain owner declares that this domain never sends or receives
                  > > > email, then shouldn't postfix reject the above message with a permanent
                  > > > error?
                  > >
                  > > Anyone can post a draft. That does not mean that they change
                  > > the rules of the Internet.
                  > >
                  > > The SMTP RFC says that the MX record specifies a hostname, and
                  > > there is no RFC that says an empty string is a valid hostname.
                  >
                  > This said Null MX records are IMHO a reasonably simple/clean idea. Pity
                  > it never got officially blessed. I seem to recall that same concession
                  > to Null MX records was made in a Postfix release a while back...

                  How clean can it be? It requires that an RFC-compliant program must
                  change from two-valued logic (an RFC-compliant MX record exists or
                  does not exist) into three-valued logic (no MX record, RFC-compliant
                  MX record, non-compliant MX record) which leads to cascading code
                  inconsistency and consequently new bugs.

                  I think it is bad engineering when you take some invalid form and then
                  give it legitimate meaning. This rewards sloppy programs that play
                  fast and loose, and punishes programs that enforce the rules.

                  Wietse
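
The three outcomes named in the message above (no MX record, RFC-compliant MX record, non-compliant MX record), as an added Python example that is not part of the original thread and is not Postfix code. It decodes MX RDATA from wire format and classifies the result; all function names are hypothetical, the sample bytes are constructed, and names are assumed to be uncompressed.

```python
import re
import struct
from enum import Enum

class MxState(Enum):
    NO_MX = "no MX record"
    VALID_MX = "RFC-compliant MX record"
    INVALID_MX = "non-compliant MX record"

# One hostname label: letters, digits, hyphens, not starting or ending with "-".
_LABEL = re.compile(rb"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def parse_mx_rdata(rdata: bytes):
    """Decode uncompressed MX RDATA into (preference, list of labels)."""
    if len(rdata) < 3:
        raise ValueError("truncated MX RDATA")
    (preference,) = struct.unpack("!H", rdata[:2])
    labels, pos = [], 2
    while True:
        if pos >= len(rdata):
            raise ValueError("name is not terminated")
        length = rdata[pos]
        pos += 1
        if length == 0:          # root label ends the name
            break
        if length > 63:          # compression pointer or illegal length
            raise ValueError("unsupported label length byte")
        if pos + length > len(rdata):
            raise ValueError("label runs past end of RDATA")
        labels.append(rdata[pos:pos + length])
        pos += length
    if pos != len(rdata):
        raise ValueError("trailing bytes after exchange name")
    return preference, labels

def exchange_is_hostname(labels) -> bool:
    """True if the labels form a syntactically valid, non-empty hostname."""
    if not labels:               # "5 ." decodes to zero labels: empty hostname
        return False
    wire_len = sum(len(label) + 1 for label in labels) + 1
    return wire_len <= 255 and all(_LABEL.fullmatch(label) for label in labels)

def classify_mx(rdatas) -> MxState:
    """Map the MX RRset of a sender domain to one of the three states."""
    if not rdatas:
        return MxState.NO_MX
    for rdata in rdatas:
        try:
            _, labels = parse_mx_rdata(rdata)
        except ValueError:
            return MxState.INVALID_MX
        if not exchange_is_hostname(labels):
            return MxState.INVALID_MX
    return MxState.VALID_MX

# Constructed samples: "5 ." as seen in the thread, and an ordinary MX.
NULL_MX = b"\x00\x05\x00"
NORMAL_MX = b"\x00\x0a\x04mail\x07example\x03com\x00"

if __name__ == "__main__":
    for name, rrset in [("none", []), ("null", [NULL_MX]), ("normal", [NORMAL_MX])]:
        print(name, "->", classify_mx(rrset).value)
```
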
                • Бак Микаел
                  Message 8 of 9 , May 2, 2011
                    Wietse Venema wrote:
                    >> Hi list,
                    >>
                    >> I saw this in my logs:
                    >>
                    >> Apr 29 14:58:08 mx postfix/smtpd[4880]: connect from
                    >> xxx.yyy.zzz[xxx.yyy.zzz.xxx]
                    >> Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: valid_hostname: empty
                    >> hostname
                    >> Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: malformed domain name
                    >> in resource data of MX record for somedomain.com:
                    >
                    > There is no Internet RFC that says that an empty hostname is valid.
                    > Postfix was not built by experimentation of "what works". Instead,
                    > Postfix was built by looking at official email standards. Then, I
                    > added hacks and workarounds for systems that don't play by the
                    > rules.
                    >
                    >> Apr 29 14:58:09 mx postfix/smtpd[4880]: NOQUEUE: reject: RCPT from
                    >> xxx.yyy.zzz[xxx.yyy.zzz.xxx]: 450 4.1.8 <info@...>: Sender
                    >> address rejected: Malformed DNS server reply; from=<info@...>
                    >> to=<user@...> proto=ESMTP helo=<xxx.yyy.zzz>
                    >> Apr 29 14:58:09 mx postfix/smtpd[4880]: disconnect from
                    >> fxxx.yyy.zzz[xxx.yyy.zzz.xxx]
                    >>
                    >> And:
                    >>
                    >> $ host somedomain.com
                    >> somedomain.com has address yyy.zzz.xxx.yyy
                    >> somedomain.com mail is handled by 0 .
                    >>
                    >> This looks like a Null MX record:
                    >> http://tools.ietf.org/html/draft-delany-nullmx-00
                    >>
                    >> If the domain owner declares that this domain never sends or receives
                    >> email, then shouldn't postfix reject the above message with a permanent
                    >> error?
                    >
                    > Anyone can post a draft. That does not mean that they change
                    > the rules of the Internet.
                    >
                    > The SMTP RFC says that the MX record specifies a hostname, and
                    > there is no RFC that says an empty string is a valid hostname.
                    >
                    > The warning message is an example of a workaround hack that I put
                    > in for systems that don't supply valid hostnames in their MX records.
                    >
                    > Wietse

                    Hi Wietse,

                    I understand. Thank you for clarifying this.
                    I was not aware of the ugliness in this method. It seemed like a quite
                    easy way to implement non-email domains for a DNS admin, but I now
                    understand what complications this brings to the application developer.

                    Cheers,
                    Mikael Bak
                  • Бак Микаел
                    Message 9 of 9 , May 2, 2011
                      Victor Duchovni wrote:
                      > On Fri, Apr 29, 2011 at 09:39:10AM -0400, Wietse Venema wrote:
                      >
                      >>> This looks like a Null MX record:
                      >>> http://tools.ietf.org/html/draft-delany-nullmx-00
                      >>>
                      >>> If the domain owner declares that this domain never sends or receives
                      >>> email, then shouldn't postfix reject the above message with a permanent
                      >>> error?
                      >> Anyone can post a draft. That does not mean that they change
                      >> the rules of the Internet.
                      >>
                      >> The SMTP RFC says that the MX record specifies a hostname, and
                      >> there is no RFC that says an empty string is a valid hostname.
                      >
                      > This said Null MX records are IMHO a reasonably simple/clean idea. Pity
                      > it never got officially blessed. I seem to recall that same concession
                      > to Null MX records was made in a Postfix release a while back...
                      >
                      > 20050726
                      >
                      > Horror: total rewrite of DNS client error handling because
                      > some misguided proposal attempts to give special meaning
                      > to some syntactically invalid MX hostname lookup result.
                      > Not only that, people expect sensible results with
                      > reject_unknown_sender_domain etc. Files: dns/dns_lookup.c,
                      > smtp/smtp_addr.c smtpd/smtpd_check.c, lmtp/lmtp_addr.c.
                      >
                      > [...]
                      >
                      > 20061227
                      >
                      > Bugfix (introduced with Postfix 2.3): the MX hostname syntax
                      > check was skipped with reject_unknown_helo_hostname and
                      > reject_unknown_sender/recipient_domain, so that Postfix
                      > would still accept mail from domains with a zero-length MX
                      > hostname. File: smtpd/smtpd_check.c.
                      >
                      > Which release is the OP using?
                      >

                      Hi Victor,

                      Just for the record. We use postfix-2.7.3.

                      Relevant part of "postconf -n":

                      smtpd_recipient_restrictions = permit_mynetworks,
                      reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
                      reject_non_fqdn_sender, reject_non_fqdn_recipient,
                      reject_non_fqdn_hostname, reject_unauth_destination,
                      [snip]
                      reject_unknown_sender_domain,
                      reject_unknown_reverse_client_hostname,
                      [snip]

                      But I think I got all my questions answered.
                      Thanks,
                      Mikael Bak