Loading ...
Sorry, an error occurred while loading the content.

Re: Malformed DNS server reply

Expand Messages
  • Бак Микаел
    ... Hi Wietse, I understand. Thank you for clarifying this. I was not aware of the ugliness in this method. It seemed like a quite easy way to implement
    Message 1 of 9 , May 2, 2011
    • 0 Attachment
      Wietse Venema wrote:
      >> Hi list,
      >>
      >> I saw this in my logs:
      >>
      >> Apr 29 14:58:08 mx postfix/smtpd[4880]: connect from
      >> xxx.yyy.zzz[xxx.yyy.zzz.xxx]
      >> Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: valid_hostname: empty
      >> hostname
      >> Apr 29 14:58:09 mx postfix/smtpd[4880]: warning: malformed domain name
      >> in resource data of MX record for somedomain.com:
      >
      > There is no Internet RFC that says that an empty hostname is valid.
      > Postfix was not built by experimentation of "what works". Instead,
      > Postfix was built by looking at official email standards. Then, I
      > added hacks and workarounds for systems that don't play by the
      > rules.
      >
      >> Apr 29 14:58:09 mx postfix/smtpd[4880]: NOQUEUE: reject: RCPT from
      >> xxx.yyy.zzz[xxx.yyy.zzz.xxx]: 450 4.1.8 <info@...>: Sender
      >> address rejected: Malformed DNS server reply; from=<info@...>
      >> to=<user@...> proto=ESMTP helo=<xxx.yyy.zzz>
      >> Apr 29 14:58:09 mx postfix/smtpd[4880]: disconnect from
      >> fxxx.yyy.zzz[xxx.yyy.zzz.xxx]
      >>
      >> And:
      >>
      >> $ host somedomain.com
      >> somedomain.com has address yyy.zzz.xxx.yyy
      >> somedomain.com mail is handled by 0 .
      >>
      >> This looks like a Null MX record:
      >> http://tools.ietf.org/html/draft-delany-nullmx-00
      >>
      >> If the domain owner declares that this domain never sends or recieves
      >> email, then shouldn't postfix reject the above message with a permanent
      >> error?
      >
      > Anyone can post a draft. That does not mean that they change
      > the rules of the Internet.
      >
      > The SMTP RFC says that the MX record specifies a hostname, and
      > there is no RFC that says an empty string is a valid hostname.
      >
      > The warning message is an example of a workaround hack that I put
      > in for systems that don't supply valid hostnames in their MX records.
      >
      > Wietse

      Hi Wietse,

      I understand. Thank you for clarifying this.
      I was not aware of the ugliness in this method. It seemed like a quite
      easy way to implement non-email domains for a DNS admin, but I now
      understand what complications this brings to the application developer.

      Cheers,
      Mikael Bak
    • Бак Микаел
      ... Hi Victor, Just for the record. We use postfix-2.7.3. Relevant part of postconf -n : smtpd_recipient_restrictions = permit_mynetworks,
      Message 2 of 9 , May 2, 2011
      • 0 Attachment
        Victor Duchovni wrote:
        > On Fri, Apr 29, 2011 at 09:39:10AM -0400, Wietse Venema wrote:
        >
        >>> This looks like a Null MX record:
        >>> http://tools.ietf.org/html/draft-delany-nullmx-00
        >>>
        >>> If the domain owner declares that this domain never sends or recieves
        >>> email, then shouldn't postfix reject the above message with a permanent
        >>> error?
        >> Anyone can post a draft. That does not mean that they change
        >> the rules of the Internet.
        >>
        >> The SMTP RFC says that the MX record specifies a hostname, and
        >> there is no RFC that says an empty string is a valid hostname.
        >
        > This said Null MX records are IMHO a reasonably simple/clean idea. Pity
        > it never got officially blessed. I seem to recall that same concession
        > to Null MX records was made in a Postfix release a while back...
        >
        > 20050726
        >
        > Horror: total rewrite of DNS client error handling because
        > some misguided proposal attempts to give special meaning
        > to some syntactically invalid MX hostname lookup result.
        > Not only that, people expect sensible results with
        > reject_unknown_sender_domain etc. Files: dns/dns_lookup.c,
        > smtp/smtp_addr.c smtpd/smtpd_check.c, lmtp/lmtp_addr.c.
        >
        > [...]
        >
        > 20061227
        >
        > Bugfix (introduced with Postfix 2.3): the MX hostname syntax
        > check was skipped with reject_unknown_helo_hostname and
        > reject_unknown_sender/recipient_domain, so that Postfix
        > would still accept mail from domains with a zero-length MX
        > hostname. File: smtpd/smtpd_check.c.
        >
        > Which release is the OP using?
        >

        Hi Victor,

        Just for the record. We use postfix-2.7.3.

        Relevant part of "postconf -n":

        smtpd_recipient_restrictions = permit_mynetworks,
        reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
        reject_non_fqdn_sender, reject_non_fqdn_recipient,
        reject_non_fqdn_hostname, reject_unauth_destination,
        [snip]
        reject_unknown_sender_domain,
        reject_unknown_reverse_client_hostname,
        [snip]

        But I think I got all my questions answered.
        Thanks,
        Mikael Bak
      Your message has been successfully submitted and would be delivered to recipients shortly.