?

Log in

No account? Create an account

fanf

Warning to Linux postmasters

« previous entry | next entry »
3rd Aug 2007 | 15:44

Make sure you have the line mdns off in /etc/host.conf on your incoming SMTP servers.

One of my colleagues in our network engineering team discovered today that ppswitch was spewing multicast packets, much to our surprise. It turns out that recent versions of glibc have quietly added support for multicast DNS to the resolver. Multicast DNS is part of Apple's zeroconf networking system (aka Bonjour, previously known as Rendezvous), and it takes over host names ending in .local. See it in action by typing strace ping foo.local and observe it sending a DNS query to the class D multicast address 224.0.0.251.

Since MXs have to deal with untold quantities of crap (at the moment about 96% of the email we're offered - 6 million messages per day - is junk) and since one of the key crap detection tools is the DNS, ppswitch ends up doing a lot of crap DNS lookups. A significant number of these (10,000 per day) are names ending in .local which thereby trigger mdns lookups. However these names do not come from machines named via zeroconf: they are mostly Small Business Server installations which have followed Microsoft's recommendations for choosing a domain name.

It is a great source of joy and wonder that Apple and Microsoft both use .local in conflicting ways. This is truly the Zen of standards: contemplate it deeply and you may achieve enlightenment. (if you don't go mad)

| Leave a comment | Share

Comments {3}

ewx

from: ewx
date: 3rd Aug 2007 18:14 (UTC)

Someone recently said that .local for private (unicast) DNS was mentioned in some RFC but didn't say which - I don't suppose you know which (or if it's not so)?

Reply | Thread

Tony Finch

from: fanf
date: 3rd Aug 2007 19:44 (UTC)

I can't find any mention of it, except RFC 2965 which has an IESG note warning that its use of .local is stupid.

Reply | Parent | Thread

Gerg

from: zkzkz
date: 3rd Aug 2007 18:58 (UTC)

It's spirals I tell you! It's all spirals. There's no way out!

Reply | Thread