Re: Malformed DNS server reply
- Wietse Venema wrote:
>> Hi list,Hi Wietse,
>> I saw this in my logs:
>> Apr 29 14:58:08 mx postfix/smtpd: connect from
>> Apr 29 14:58:09 mx postfix/smtpd: warning: valid_hostname: empty
>> Apr 29 14:58:09 mx postfix/smtpd: warning: malformed domain name
>> in resource data of MX record for somedomain.com:
> There is no Internet RFC that says that an empty hostname is valid.
> Postfix was not built by experimentation of "what works". Instead,
> Postfix was built by looking at official email standards. Then, I
> added hacks and workarounds for systems that don't play by the
>> Apr 29 14:58:09 mx postfix/smtpd: NOQUEUE: reject: RCPT from
>> xxx.yyy.zzz[xxx.yyy.zzz.xxx]: 450 4.1.8 <info@...>: Sender
>> address rejected: Malformed DNS server reply; from=<info@...>
>> to=<user@...> proto=ESMTP helo=<xxx.yyy.zzz>
>> Apr 29 14:58:09 mx postfix/smtpd: disconnect from
>> $ host somedomain.com
>> somedomain.com has address yyy.zzz.xxx.yyy
>> somedomain.com mail is handled by 0 .
>> This looks like a Null MX record:
>> If the domain owner declares that this domain never sends or recieves
>> email, then shouldn't postfix reject the above message with a permanent
> Anyone can post a draft. That does not mean that they change
> the rules of the Internet.
> The SMTP RFC says that the MX record specifies a hostname, and
> there is no RFC that says an empty string is a valid hostname.
> The warning message is an example of a workaround hack that I put
> in for systems that don't supply valid hostnames in their MX records.
I understand. Thank you for clarifying this.
I was not aware of the ugliness in this method. It seemed like a quite
easy way to implement non-email domains for a DNS admin, but I now
understand what complications this brings to the application developer.
- Victor Duchovni wrote:
> On Fri, Apr 29, 2011 at 09:39:10AM -0400, Wietse Venema wrote:Hi Victor,
>>> This looks like a Null MX record:
>>> If the domain owner declares that this domain never sends or recieves
>>> email, then shouldn't postfix reject the above message with a permanent
>> Anyone can post a draft. That does not mean that they change
>> the rules of the Internet.
>> The SMTP RFC says that the MX record specifies a hostname, and
>> there is no RFC that says an empty string is a valid hostname.
> This said Null MX records are IMHO a reasonably simple/clean idea. Pity
> it never got officially blessed. I seem to recall that same concession
> to Null MX records was made in a Postfix release a while back...
> Horror: total rewrite of DNS client error handling because
> some misguided proposal attempts to give special meaning
> to some syntactically invalid MX hostname lookup result.
> Not only that, people expect sensible results with
> reject_unknown_sender_domain etc. Files: dns/dns_lookup.c,
> smtp/smtp_addr.c smtpd/smtpd_check.c, lmtp/lmtp_addr.c.
> Bugfix (introduced with Postfix 2.3): the MX hostname syntax
> check was skipped with reject_unknown_helo_hostname and
> reject_unknown_sender/recipient_domain, so that Postfix
> would still accept mail from domains with a zero-length MX
> hostname. File: smtpd/smtpd_check.c.
> Which release is the OP using?
Just for the record. We use postfix-2.7.3.
Relevant part of "postconf -n":
smtpd_recipient_restrictions = permit_mynetworks,
But I think I got all my questions answered.