Autor: Jasen Betts Datum: To: exim-dev Betreff: Re: [exim-dev] [Bug 1461] New: dnssec use floods /var/log/messages
On 2014-04-08, Heiko Schlittermann <hs@???> wrote: >
> If I understand well, Exim needs to use the DNS directly, MX lookups,
> SRV lookup and the like is nothing getnameinfo() & co can do for us.
>
> If Exim gets the MX name from DNS, what do I expect for the MX name's IP?
> DNS too, or obeying nsswitch.conf by using the libc resolver?
Under what circumstances is the DNS-served IP address of mx.fakemx.net of
any use? I can put a more predictable value in /etc/hosts and quickly
reject emails for which this is the only destination.
> How trustworthy is an address I got from /etc/hosts? (But nss and the
> libc resolver won't tell me the origin of the address anyway.)
About as trusted as the exim binary which wants to do the lookup, and
the libc binary doing it.