Re: [exim-dev] [Bug 2911] New: setting dns_again_means_nonex…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Viktor Dukhovni
Date:  
À: exim-dev
Nouveaux-sujets: Re: [exim-dev] [Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
Sujet: Re: [exim-dev] [Bug 2911] New: setting dns_again_means_nonexist to a list containing @mx_ lookups causes segfault
On Fri, Aug 19, 2022 at 02:04:06PM +0000, admin--- via Exim-dev wrote:

> https://bugs.exim.org/show_bug.cgi?id=2911
>
>             Bug ID: 2911
>            Summary: setting dns_again_means_nonexist to a list containing
>                     @mx_ lookups causes segfault
>            Product: Exim
>            Version: 4.96
>           Hardware: x86
>                 OS: Linux
>             Status: NEW
>           Severity: bug
>           Priority: medium
>          Component: List matching
>           Assignee: unallocated@???
>           Reporter: thomasm-exim@???
>                 CC: exim-dev@???

>
> Now if a DNS lookup for a MX gives TRY_AGAIN, exim will check whether the name
> MX name is in dns_again_means_nonexist. [...]


Note that if this also potentially applies to TLSA lookups, then
downgrading SRVFAIL (try again) to NXDOMAIN breaks the downgrade
resistance of DANE.

This is of course also likely to trigger bounces in the presence of
transient errors, and is basically a really bad idea.

-- 
    Viktor.