Wietse Venema:
> Tomas Korbar:
> > Hi guys,
> > did you by any chance have the time to look at this?
> 
> I've been working on the configuration (i.e. user interface) for
> this for the past days.

There's a first implementation in postfix-3.8-20230213-nonprod.
Docs: https://www.postfix.org/postconf.5.html#use_srv_lookup
Code: http://ftp.porcupine.org/mirrors/postfix-release/index.html#non-prod

To see all SRV related changes, diff the code against postfix-3.8-20230213.
Code: http://ftp.porcupine.org/mirrors/postfix-release/index.html#experimental

I still need to implement some tests to verify the host selection code.

I made only a few changes to the DNS library code. Most changes are
in configuration and connection management, including connection reuse.
Below is a summary of changes.

        Wietse

Instead of hard-coding submission support, I made the service name
configurable. The use_srv_lookup parameter accepts any name that
is listed in services(5), including "smtps", "smtp", or "lmtp".

By default, when SRV lookup fails or no record exists, delivery is
deferred. This is the right action for the most common case with
submission and smtps clients, because the relayhost name used by
SRV-based clients will look like "example.com" (the provider's
domain itself), while the relayhost name for non-SRV clients will
look like "smtp-relay.example.com" (a name under the provider's
domain). That is, the names are incompatible, and falling back to
non-SRV lookups just would not work and would only create confusion.

For folks that want to use SRV lookups for MTA-to-MTA traffic,
fallback to MX or address lookup can be enabled with
ignore_srv_lookup_error and allow_srv_fallback. Here, there is no
name compatibility problem because SRV and MX will use the same
domain name.

Fixed the order of DNS result status codes, so that DNS_NOTFOUND <
DNS_NULLSRV < DNS_RETRY. This is needed for correct error handling.

Added EAI support (name to punycode conversion) for SRV lookup.

Connection caching: maintain consistency between SMTP_ITERATOR.port
and the SRV-based port in the current destination resource record,
so that the same connection cache key will be used when saving or
retrieving a connection.

Connection caching: added code to save and restore the SMTP_ITERATOR.port
value as part of connection metadata, so that a saved connection
with an SRV-based port number will be restored correctly.

Added IP protocol balancing support (smtp_balance_inet_protocols etc.)
similar to code for MX and host lookups, because some Linux distros turn
on IPv6 even when a site has no IPv6 connectivity; protocol balancing
guarantees that Postfix will try some IPv4 connections.

Added loop detection support similar to code for MX and host lookups,
just in case some folks want to enable SRV lookups for MTA-MTA traffic
(such is the cost of making the feature more general).

Added SRV support to dns/dns_strrecord.c. This is required by the
DNS reply filter and by test programs.
