Question: should submit.mc include nocanonify by default?

Liste des GroupesRevenir à cm sendmail 
Sujet : Question: should submit.mc include nocanonify by default?
De : stacey.marshall (at) *nospam* gmail.com (Stacey Marshall)
Groupes : comp.mail.sendmail
Date : 12. May 2025, 18:10:52
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <vvta2t$171gi$1@dont-email.me>
User-Agent : Mozilla Thunderbird
Question, should submit.mc include nocanonify by default?
I was a little surprised to see SMTP client queue (sendmail -Ac) trying to look up DNS names as I thought it only collected mail for local accounts.  In the configuration in question the Mail Transfer Agent (sendmail -bl) is configured to forward all mail to a gateway machine for actual delivery, and only that gateway machine has access to DNS.
 From a fair amount of digging I found FEATURE(`nocanonify') is what was needed in submit.mc to prevent DNS lookups.  Modified a copy of submit.mc with the sample from contrib/bsdi.mc:
# diff submit.mc submit_nocanonify.mc
23a24,32
 > dnl # Use FEATURE(`nocanonify') to skip address canonification via $[ ... $].
 > dnl # This would generally only be used by sites that only act as mail gateways
 > dnl # or which have user agents that do full canonification themselves.
 > dnl # You may also want to use:
 > dnl #     define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')
 > dnl # to turn off the usual resolver options that do a similar thing.
 > dnl # Examples:
 > FEATURE(`nocanonify')
 > dnl define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')
#
# make submit.cf
test ! -f submit.cf || /usr/bin/mv submit.cf submit.cf.prev
/usr/bin/m4 ../m4/cf.m4 submit.mc > submit.cf
Using truss confirms no call to libresolv res_* functions:
# echo canonify test@example.com | sudo truss -t\!all -f -ulibresolv:res_\*  /usr/sbin/sendmail -C/etc/mail/cf/cf/submit_nocanonify.cf -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
 > canonify           input: test @ example . com
Canonify2          input: test < @ example . com >
Canonify2        returns: test < @ example . com . >
canonify         returns: test < @ example . com . >
 >
For comparison the standard submit.cf without nocanonify is see to call res_querydomain
# echo canonify test@example.com | sudo truss -t\!all -f -ulibresolv:res_\*  /usr/sbin/sendmail -C/etc/mail/cf/cf/submit.cf -bt
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
 > canonify           input: test @ example . com
Canonify2          input: test < @ example . com >
5882/1@1:       -> libresolv:res_querydomain(0x7fc0b5e4a4d0, 0x4324bf, 0x1, 0x1c, 0x7fc0b5e45b70, 0x2000)
5882/1@1:       <- libresolv:res_querydomain() = 197
Canonify2        returns: test < @ example . com . >
canonify         returns: test < @ example . com . >
Thus I was wondering if submit.mc should include the nocanonify feature by default?
Thanks in advance, Stacey

Date Sujet#  Auteur
12 May 25 * Question: should submit.mc include nocanonify by default?4Stacey Marshall
13 May 25 `* Re: Question: should submit.mc include nocanonify by default?3Marco Moock
14 May 25  +- Re: Question: should submit.mc include nocanonify by default?1Stacey Marshall
14 May 25  `- Re: Question: should submit.mc include nocanonify by default?1Andrzej Adam Filip

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal