[exim] dnsdb loses characters (exim 4.96.2, 4.97)

Top Page
Delete this message
Reply to this message
Author: Victor Ustugov
Date:  
To: exim-users
Subject: [exim] dnsdb loses characters (exim 4.96.2, 4.97)
Hello

This is a real case.

Let's resolve the TXT record of the perrigo.com domain.

# pkg info -E exim
exim-4.95_5

# echo '${lookup dnsdb{>\n; defer_never,txt=perrigo.com}}' | exim -be |
grep v=spf1
v=spf1 include:spf-00157e01.pphosted.com
include:spf-00157e03.pphosted.com include:spf.protection.outlook.com
include:spf.natchcloud.com include:spf.messagelabs.com
include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.com
include:_spf-dc4.sapsf.com ip4:70.42.227.151/32 ip4:70.42.227.152/32
ip4:65.221.8.29/32 ip4:65.221.12.128/32 ip4:65.221.12.148/32
ip4:198.11.114.29/32 ~all

# pkg info -E exim
exim-4.96.2

# echo '${lookup dnsdb{>\n; defer_never,txt=perrigo.com}}' | exim -be |
grep v=spf1
v=spf1 include:spf-00157e01.pphosted.com
include:spf-00157e03.pphosted.com include:spf.protection.outlook.com
include:spf.natchcloud.com include:spf.messagelabs.com
include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.co#
include:_spf-dc4.sapsf.com ip4:70.42.227.151/32 ip4:70.42.227.152/32
ip4:65.221.8.29/32 ip4:65.221.12.128/2 ip4:65.221.12.148/32
ip4:198.11.114.29/32 ~all

# host -t txt perrigo.com | grep v=spf1
perrigo.com descriptive text "v=spf1 include:spf-00157e01.pphosted.com
include:spf-00157e03.pphosted.com include:spf.protection.outlook.com
include:spf.natchcloud.com include:spf.messagelabs.com
include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.com" "
include:_spf-dc4.sapsf.com ip4:70.42.227.151/32 ip4:70.42.227.152/32
ip4:65.221.8.29/32 ip4:65.221.12.128/32 ip4:65.221.12.148/32
ip4:198.11.114.29/32 ~all"


Look at the network 65.221.12.128 and its mask.

exim 4.95 returns a netmask /32, it's ok.
exim 4.96.2 (and exim 4.97 too) returns a netmask /2. This is wrong netmask.
and CLI tool host returns a netmask /32, it's ok.


So far this is the only problematic TXT record I have encountered.

I was able to reproduce the problem on a test domain on a server running
exim 4.97 with the same TXT record value.


# host -t txt test.mx.org.ua
test.mx.org.ua descriptive text "v=spf1
include:spf-00157e01.pphosted.com include:spf-00157e03.pphosted.com
include:spf.protection.outlook.com include:spf.natchcloud.com
include:spf.messagelabs.com include:spf.mailjet.com a:smtp5.silae.fr
include:_spf-dc8.sapsf.com" " include:_spf-dc4.sapsf.com
ip4:70.42.227.151/32 ip4:70.42.227.152/32 ip4:65.221.8.29/32
ip4:65.221.12.128/32 ip4:65.221.12.148/32 ip4:198.11.114.29/32 ~all"

host returned ip4:65.221.12.128/32

# echo '${lookup dnsdb{>\n; defer_never,txt=test.mx.org.ua}}' | exim -be
| grep v=spf1

v=spf1 include:spf-00157e01.pphosted.com
include:spf-00157e03.pphosted.com include:spf.protection.outlook.com
include:spf.natchcloud.com include:spf.messagelabs.com
include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.co#
include:_spf-dc4.sapsf.com ip4:70.42.227.151/32 ip4:70.42.227.152/32
ip4:65.221.8.29/32 ip4:65.221.12.128/2 ip4:65.221.12.148/32
ip4:198.11.114.29/32 ~all

exim 4.97 returned ip4:65.221.12.128/2


Next, I added an extra character to the TXT record a little before the
problem area (I replaced "_spf-dc4.sapsf.com" with "_spf-dc44.sapsf.com").


# host -t txt test.mx.org.ua
test.mx.org.ua descriptive text "v=spf1
include:spf-00157e01.pphosted.com include:spf-00157e03.pphosted.com
include:spf.protection.outlook.com include:spf.natchcloud.com
include:spf.messagelabs.com include:spf.mailjet.com a:smtp5.silae.fr
include:_spf-dc8.sapsf.com" " include:_spf-dc44.sapsf.com
ip4:70.42.227.151/32 ip4:70.42.227.152/32 ip4:65.221.8.29/32
ip4:65.221.12.128/32 ip4:65.221.12.148/32 ip4:198.11.114.29/32 ~all"

host still returns ip4:ip4:65.221.12.128/32

# echo '${lookup dnsdb{>\n; defer_never,txt=test.mx.org.ua}}' | exim -be
| grep v=spf1

v=spf1 include:spf-00157e01.pphosted.com
include:spf-00157e03.pphosted.com include:spf.protection.outlook.com
include:spf.natchcloud.com include:spf.messagelabs.com
include:spf.mailjet.com a:smtp5.silae.fr include:_spf-dc8.sapsf.co#
include:_spf-dc44.sapsf.com ip4:70.42.227.151/32 ip4:70.42.227.152/32
ip4:65.221.8.29/32 ip4:65.221.12.12832 ip4:65.221.12.148/32
ip4:198.11.114.29/32 ~ll

exim 4.97 returns ip4:65.221.12.12832


Looks like a bug.


--
Best wishes Victor Ustugov
mailto:victor@corvax.kiev.ua
public GnuPG/PGP key: https://victor.corvax.kiev.ua/corvax.asc

--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/