Matthew Petach (mpetach) writes:
> If they simply use "smtp" as the hostname, most of the
> current resolver libraries will append the local domain
> name, so that instead of reaching my A record for smtp,
> they'll end up trying to reach smtp.their.domain.
Actually, that's a good point -- although it will try first with
the domains specified in the search list first.
So I wouldn't worry too much about this kind of thing.
But considering the amount of flag waving and "Caution: Wet
Floor" signs ICANN placed when it rolled out something has
harmless as the IDN tests in the root, I'm surprised that they
haven't thought about all the non-FQDNs that will suddenly
resolve, including all the private TLDs that people use
internally. It's bad practice, and isn't recommended anyway,
but I do expect it will cause many more fun (read: annoying)
calls to helpdesks of the sort "where did my mail go ?".
And mail won't be the only thing.
> Will operating system manufacturers release updated
> resolver libraries that no longer assume that single
> token names should have the local domain attached?
I know a lot of mail clients that won't accept to send
mail to [EMAIL PROTECTED], but they certainly will accept [EMAIL
PROTECTED]
as the outgoing mail name. Luckily, that will match the
search list as well first.
> Or should I always ensure that resolvers reach my
> domain explicitly by including the trailing "dot" in
> all uses, so that my email would be given out as
> "[EMAIL PROTECTED]" in the hopes that everyone would
> correctly remember to add the "." at the end when
> entering my email address into their mail clients?
A fair number will barf on this (for now).
> Or does the current resolver logic already handle
> these cases (check root, work your way down
> stopping at the first match found; if you run out
> of tokens in the string being resolved, append the
> local domain name to the string and start the process
> over)?
The other way around. And if I ping 'dk', my resolver
stops after "catpipe.net" and my other private domain.
It doesn't try "dk.", even though dk. has an A record
associated with it. I get NXDOMAIN.
> Simply looking to solidify my understanding of how
> these new names would resolve.
Not too many problems, I think, except for resolver
libraries that fail to find the name in the domains
listed in the search list, and continue to '.'.
It's not standard practice though.
Phil
