Re: [exim-dev] [Bug 1461] New: dnssec use floods /var/log/me…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jasen Betts
Datum:  
To: exim-dev
Betreff: Re: [exim-dev] [Bug 1461] New: dnssec use floods /var/log/messages
On 2014-04-08, Heiko Schlittermann <hs@???> wrote:
>
> If I understand well, Exim needs to use the DNS directly, MX lookups,
> SRV lookup and the like is nothing getnameinfo() & co can do for us.
>
> If Exim gets the MX name from DNS, what do I expect for the MX name's IP?
> DNS too, or obeying nsswitch.conf by using the libc resolver?


Under what circumstances is the DNS-served IP address of mx.fakemx.net of
any use? I can put a more predictable value in /etc/hosts and quickly
reject emails for which this is the only destination.

> How trustworthy is an address I got from /etc/hosts? (But nss and the
> libc resolver won't tell me the origin of the address anyway.)


About as trusted as the exim binary which wants to do the lookup, and
the libc binary doing it.

--
umop apisdn