[Exim] IP address lookups - opinions wanted

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Philip Hazel
Date:  
À: exim-users
Sujet: [Exim] IP address lookups - opinions wanted
Sorry about the length of this; I have to give some background before
asking the question.

Consider the case when an IP address has more than one PTR record in the
DNS. This is rare, but not unknown (and not forbidden). For example:

3.0.0.10.in-addr.arpa.    PTR    a.host.name.
3.0.0.10.in-addr.arpa.    PTR    a.nother.host.name.


Until now, if Exim received a connection from 10.0.0.3, and needed to
find a host name (for ACL checking or whatever), it used the
gethostbyaddr() function [or, on IPv6 systems that have it, the
getipnodebyaddr() function] to find the host name(s).

On Solaris, where I've done all the development so far, this works. The
function gives back both names, one as primary and the other as an
alias. There is of course nothing to say which way round you get them,
but for Exim's purposes, that doesn't matter. If it is checking, for
example, something like

hosts = *.x.y.z

in an ACL, it checks all the names.

I am currently moving my development environment to a new box that is
running (Gentoo) Linux. The test suite showed up an anomaly. The Linux
version of gethostbyaddr() gives back only one name - and not always the
same one (presumably because of DNS round robinning).

Interestingly, if there are multiple names in /etc/hosts,
gethostbyaddr() does give them all. Of course, in this case, there is
one name that is clearly the primary one.

It seems that getipnodebyaddr() is deprecated (and though in the man
page, does not appear to be in libc any more). The brave new function to
do this job is getnameinfo(). I investigated this. Not only does it just
give one name only, but its API doesn't seem to have any way of
returning more than one name.

In order to preserve (approximately) the previous functionality of Exim,
I have made the following change in the development sources:

Instead of just calling gethostbyaddr(), Exim first does a direct DNS
lookup. If it finds any PTR records, the first is used as the host
name, and the rest are treated as aliases.

If the DNS lookup yields no data, Exim tries gethostbyaddr() as
before, in order to search /etc/hosts (if /etc/nsswitch.conf is
appropriately configured).

This change is similar to one that was made to the manualroute router
some time ago. In most cases it will probably not make any difference,
but I thought I would ask for people's opinions, just in case.

[A case where you would notice a difference is if the address is in
/etc/hosts, but the DNS lookup times out. Before, it would have found
it; now it will defer. Hmm. Maybe I should do gethostbyaddr() on a DNS
timeout, but defer if it fails. Or is that getting too ad-hoc-ish?]

In particular, do you think is will be necessary to have a switch to
turn this off? [I haven't implemented one yet, but it would be trivial.]
Or switches to control the whole process? In situations where /etc/hosts
is not used, turning off the gethostbyaddr() call could save a few
resources.

I am going away from tomorrow till October 24th; I won't have time to
follow this up till I get back.

Philip

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.