On Thu, Jul 18, 2019 at 11:32:17PM +0100, Jeremy Harris via Exim-users wrote:
> On 18/07/2019 23:08, Evgeniy Berdnikov via Exim-users wrote:
> > Running tcpdump with -vvv shows that there is an authority record for root.
> > I don't know is this behaviour legal or not, and why this record is present
> > in exim queries. But I propose to try two other methods to resolve name:
> >
> > 1: exim4 -be '${lookup dnsdb{a=smtp.gmail.com}{$value}fail}'
> >
> > 2: perl -e '($n,$a,$t,$l,@ip)=gethostbyname("smtp.gmail.com"); print
> > "n=$n\na=$a\n"; for (@ip) {($w,$x,$y,$z)=unpack('W4',$_); print
> > "$w.$x.$y.$z\n"}'
> >
> > In my experiments 1st variant results in additional authority record, the
> > 2nd does not (as manual run of telnet). Does 1st variant fail when exim
> > fails to run transport?
>
> Might there be a dnssec-related difference?
Definitely NO, because this difference is in client's initial packets.
Probably code for preparation of dns query packets in Exim do some
extra actions, resulting in addition of redundant authority field
to query packets. This field is not required and should be ignored by
dns server -- we have millons of exim installations communicating
with google. But it may break something in exotic situations...
--
Eugene Berdnikov
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
