Re: [exim-dev] [Bug 2911] New: setting dns_again_means_nonex…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
Madmin at <-
 
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-dev
New-Topics: Re: [exim-dev] [Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
Subject: Re: [exim-dev] [Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
On Fri, Aug 19, 2022 at 02:04:06PM +0000, admin--- via Exim-dev wrote:

> https://bugs.exim.org/show_bug.cgi?id=2911
> 
>             Bug ID: 2911
>            Summary: setting dns_again_means_nonexist to a list containing
>                     @mx_ lookups causes segfault
>            Product: Exim
>            Version: 4.96
>           Hardware: x86
>                 OS: Linux
>             Status: NEW
>           Severity: bug
>           Priority: medium
>          Component: List matching
>           Assignee: unallocated@???
>           Reporter: thomasm-exim@???
>                 CC: exim-dev@???

>
> Now if a DNS lookup for a MX gives TRY_AGAIN, exim will check whether the name
> MX name is in dns_again_means_nonexist. [...]

Note that if this also potentially applies to TLSA lookups, then
downgrading SRVFAIL (try again) to NXDOMAIN breaks the downgrade
resistance of DANE.

This is of course also likely to trigger bounces in the presence of
transient errors, and is basically a really bad idea. 

-- 
    Viktor.


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] [Bug 2912] New: cutthrough delivery gets canceled on unexpected (non 2xx) SMTP response[exim-dev] [Bug 2915] New: SIGSEGV in ACL when message is second in that connection->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)