On Jul 24, 2012, at 02:22, Ori Bani wrote: > On Mon, Jul 23, 2012 at 5:07 PM, Viktor Dukhovni > <postfix-us...@dukhovni.org> wrote: >> On Mon, Jul 23, 2012 at 03:33:53PM -0700, Marty Beckler wrote: >> >>> Transport next hops can have MX lookups disabled by adding [] around >>> the next hop. >>> >>> Is it possible to define a transport that always has MX lookups >>> disabled without specifying the next hop? >>> >>> man 5 transport says that trivial-rewrite(8) doesn't allow >>> substitutions in pcre tables, otherwise, this is what I'd want: >>> >>> /(.+\.internal)/ internal_smtp:[$1] >>> >>> So is there any other way to disable MX lookups wholesale for a given >>> transport? >> >> What's wrong with MX lookups? If the records are absent, Postfix >> will use A records, > > Interesting, for me, postfix was throwing up its hands instead. > >> so you generally don't need to suppress MX >> lookups unless you have wildcard MX records or incorrect MX records. >> Just make sure your MX records either don't exist or are sensible. >> >> Making up top level domains like ".internal" is not a good idea. >> If the TLD is not reserved by RFC and does not exist (yet) don't >> use it. With ICANN slated to register a few thousand new TLDs this >> year, you may find your fantasy TLD turning into someone else's >> reality. >> >> If your domain is "example.com", consider "internal.example.com" >> as a "root" for internal domains. > > There's too many hosts we need to resolve so short of DNS tricks, just > disabling lookups in postifx is easiest. OK, thanks for your advice. I > appreciate it.
Having valid, properly resolving DNS is not a trick, and a much better solution than compensating for it on a different level. If a subdomain is not an option, register a valid 'network domain' for your internal use, and use that. Like 'example-lan.net' if your main domain is 'example.com', or something similar. Routing mail to many hosts then becomes as simple as making sure they have valid A/AAAA records within that domain. Makes your life easier with regard to IPv6, too. Cya, Jona