[gull] Strange DNS problem

Daniel Cordey dc at mjt.ch
Fri Dec 5 12:09:01 CET 2003


On Friday 05 December 2003 10:12, Marc SCHAEFER wrote:

>    - When the query name or a name between the wildcard domain and
>      the query name is known to exist.  For example, if a wildcard
>      RR has an owner name of "*.X", and the zone also contains RRs
>      attached to B.X, the wildcards would apply to queries for name
>      Z.X (presuming there is no explicit information for Z.X), but
>      not to B.X, A.B.X, or X.

Precisely, it seems to me that the key lies there. In the book "Linux 
Administration Handbook", in the DNS chapter (page 417), I read:

Wild card MX records are also sometimes seen in the DNS database:

*	IN	MX	10	mailhub.cs.colorado.edu

At first glance, this record seems like it would save lots of typing and add a 
default MX record for all hosts. But wild card records don't quite work as 
you might expect. They match anything in the name field of a resource record 
that is NOT already listed as an explicit name in another resource record.

Thus, you CANNOT use a star to set a default value for all your hosts. But 
perversely, you can use it to set a default value for names that are not your 
hosts. This setup causes lots of mail to be sent to your hub only to be 
rejected because the hostname matching the star really does not belong to 
your domain. Ergo, avoid wild card MX records. Wild cards are not yet 
implemented in BIND 9 and may never be.

Ah, I had not seen those last two sentences...

When I speak of ambiguity, I am thinking of the definition of the MX on the 
'smtp' system and the definition of the address for 'lists', which has the 
same address as 'smtp'. I am almost sure that using a CNAME in this case:

lists	IN	CNAME	smtp.alphanet.ch.

would give the server a clearer hierarchical view.

> PS: I have not installed wildcard MX records for a long time, but as I
>     already said, it was for historical reasons.

I had understood that, and I was not criticizing the use of wildcards, but 
it has always seemed tricky to me and I have preferred other ways of writing 
things. I still have things much worse than that, also for historical 
reasons :-)

Daniel
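
The wildcard rule quoted in the message above, as an added example that is not part of the original message: a small resolver model that decides whether a wildcard applies to a query. The zone contents (origin `x.`, the NS, MX and A values) are constructed sample data that mirror the X / B.X / Z.X names of the quoted rule, and the function names are hypothetical.

```python
# Added example: model of the quoted wildcard rule (not code from the thread).
# Assumption: every owner name in the zone lies under the origin.

def labels(name):
    """Split a domain name into lowercase labels, ignoring the trailing dot."""
    return [l for l in name.lower().rstrip(".").split(".") if l]

def existing_names(zone, origin):
    """Each owner name and each of its ancestors up to the origin is
    'known to exist' (ancestors may be empty non-terminals)."""
    olen = len(labels(origin))
    names = set()
    for owner in zone:
        ls = labels(owner)
        for i in range(len(ls) - olen + 1):
            names.add(tuple(ls[i:]))
    return names

def resolve(zone, origin, qname, qtype):
    """Return (status, records); status is one of
    'explicit', 'nodata', 'wildcard', 'nxdomain'."""
    q = tuple(labels(qname))
    exist = existing_names(zone, origin)
    by_owner = {tuple(labels(o)): rrs for o, rrs in zone.items()}
    if q in exist:
        # The name exists, so no wildcard is consulted, even when the
        # requested type is absent (the "default MX" that never appears).
        rrs = [r for r in by_owner.get(q, []) if r[0] == qtype]
        return ("explicit", rrs) if rrs else ("nodata", [])
    # Walk up to the closest existing ancestor (closest encloser); only a
    # wildcard directly below that ancestor can apply.
    for i in range(1, len(q) + 1):
        if q[i:] in exist:
            wild = ("*",) + q[i:]
            if wild not in by_owner:
                return ("nxdomain", [])
            rrs = [r for r in by_owner[wild] if r[0] == qtype]
            return ("wildcard", rrs) if rrs else ("nodata", [])
    return ("nxdomain", [])

# Constructed sample zone: "*.X" plus records attached to B.X.
ZONE = {
    "x.":   [("NS", "ns.x.")],
    "*.x.": [("MX", "10 mailhub.x.")],
    "b.x.": [("A", "192.0.2.10")],
}
```

An MX query for `b.x.` returns no data rather than the wildcard MX, which is the behaviour the book passage warns about, while any name nobody defined (`z.x.`) does receive it.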



