[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
The dnslookup
router looks up the hosts that handle mail for the
recipient's domain in the DNS. A transport must always be set for this router,
unless verify_only
is set.
If SRV support is configured (see check_srv
below), Exim first searches for
SRV records. If none are found, or if SRV support is not configured,
MX records are looked up. If no MX records exist, address records are sought.
However, mx_domains
can be set to disable the direct use of address
records.
MX records of equal priority are sorted by Exim into a random order. Exim then
looks for address records for the host names obtained from MX or SRV records.
When a host has more than one IP address, they are sorted into a random order,
except that IPv6 addresses are always sorted before IPv4 addresses. If all the
IP addresses found are discarded by a setting of the ignore_target_hosts
generic option, the router declines.
Unless they have the highest priority (lowest MX value), MX records that point
to the local host, or to any host name that matches hosts_treat_as_local
,
are discarded, together with any other MX records of equal or lower priority.
If the host pointed to by the highest priority MX record, or looked up as an
address record, is the local host, or matches hosts_treat_as_local
, what
happens is controlled by the generic self
option.
17.1 Problems with DNS lookups | ||
17.2 Private options for dnslookup | ||
17.3 Effect of qualify_single and search_parents |
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
There have been problems with DNS servers when SRV records are looked up.
Some mis-behaving servers return a DNS error or timeout when a non-existent
SRV record is sought. Similar problems have in the past been reported for
MX records. The global dns_again_means_nonexist
option can help with this
problem, but it is heavy-handed because it is a global option.
For this reason, there are two options, srv_fail_domains
and
mx_fail_domains
, that control what happens when a DNS lookup in a
dnslookup
router results in a DNS failure or a "try again" response. If
an attempt to look up an SRV or MX record causes one of these results, and the
domain matches the relevant list, Exim behaves as if the DNS had responded "no
such record". In the case of an SRV lookup, this means that the router
proceeds to look for MX records; in the case of an MX lookup, it proceeds to
look for A or AAAA records, unless the domain matches mx_domains
, in which
case routing fails.
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
The private options for the dnslookup
router are as follows:
| Use: dnslookup | Type: boolean | Default: false |
If this option is set, the router declines unless the local host is found in (and removed from) the list of hosts obtained by MX lookup. This can be used to process domains for which the local host is a secondary mail exchanger differently to other domains. The way in which Exim decides whether a host is the local host is described in section Recognizing the local host.
| Use: dnslookup | Type: string* | Default: unset |
The dnslookup
router supports the use of SRV records (see RFC 2782) in
addition to MX and address records. The support is disabled by default. To
enable SRV support, set the check_srv
option to the name of the service
required. For example,
check_srv = smtp |
looks for SRV records that refer to the normal smtp service. The option is
expanded, so the service name can vary from message to message or address
to address. This might be helpful if SRV records are being used for a
submission service. If the expansion is forced to fail, the check_srv
option is ignored, and the router proceeds to look for MX records in the
normal way.
When the expansion succeeds, the router searches first for SRV records for the given service (it assumes TCP protocol). A single SRV record with a host name that consists of just a single dot indicates "no such service for this domain"; if this is encountered, the router declines. If other kinds of SRV record are found, they are used to construct a host list for delivery according to the rules of RFC 2782. MX records are not sought in this case.
When no SRV records are found, MX records (and address records) are sought in the traditional way. In other words, SRV records take precedence over MX records, just as MX records take precedence over address records. Note that this behaviour is not sanctioned by RFC 2782, though a previous draft RFC defined it. It is apparently believed that MX records are sufficient for email and that SRV records should not be used for this purpose. However, SRV records have an additional "weight" feature which some people might find useful when trying to split an SMTP load between hosts of different power.
See section Problems with DNS lookups above for a discussion of Exim's behaviour when there is a DNS lookup error.
| Use: dnslookup | Type: domain list* | Default: unset |
A domain that matches mx_domains
is required to have either an MX or an SRV
record in order to be recognized. (The name of this option could be improved.)
For example, if all the mail hosts in fict.example are known to have MX
records, except for those in discworld.fict.example, you could use this
setting:
mx_domains = ! *.discworld.fict.example : *.fict.example |
This specifies that messages addressed to a domain that matches the list but has no MX record should be bounced immediately instead of being routed using the address record.
| Use: dnslookup | Type: domain list* | Default: unset |
If the DNS lookup for MX records for one of the domains in this list causes a DNS lookup error, Exim behaves as if no MX records were found. See section Problems with DNS lookups for more discussion.
| Use: dnslookup | Type: boolean | Default: true |
When this option is true, the resolver option RES_DEFNAMES is set for DNS lookups. Typically, but not standardly, this causes the resolver to qualify single-component names with the default domain. For example, on a machine called dictionary.ref.example, the domain thesaurus would be changed to thesaurus.ref.example inside the resolver. For details of what your resolver actually does, consult your man pages for resolver and resolv.conf.
| Use: dnslookup | Type: boolean | Default: true |
If the domain name in the address that is being processed is not fully
qualified, it may be expanded to its full form by a DNS lookup. For example, if
an address is specified as dormouse@teaparty, the domain might be
expanded to teaparty.wonderland.fict.example. Domain expansion can also
occur as a result of setting the widen_domains
option. If
rewrite_headers
is true, all occurrences of the abbreviated domain name in
any Bcc:, Cc:, From:, Reply-to:, Sender:, and To:
header lines of the message are rewritten with the full domain name.
This option should be turned off only when it is known that no message is ever going to be sent outside an environment where the abbreviation makes sense.
When an MX record is looked up in the DNS and matches a wildcard record, name servers normally return a record containing the name that has been looked up, making it impossible to detect whether a wildcard was present or not. However, some name servers have recently been seen to return the wildcard entry. If the name returned by a DNS lookup begins with an asterisk, it is not used for header rewriting.
| Use: dnslookup | Type: boolean | Default: false |
Addresses with the same domain are normally routed by the dnslookup
router
to the same list of hosts. However, this cannot be presumed, because the router
options and preconditions may refer to the local part of the address. By
default, therefore, Exim routes each address in a message independently. DNS
servers run caches, so repeated DNS lookups are not normally expensive, and in
any case, personal messages rarely have more than a few recipients.
If you are running mailing lists with large numbers of subscribers at the same
domain, and you are using a dnslookup
router which is independent of the
local part, you can set same_domain_copy_routing
to bypass repeated DNS
lookups for identical domains in one message. In this case, when dnslookup
routes an address to a remote transport, any other unrouted addresses in the
message that have the same domain are automatically given the same routing
without processing them independently,
provided the following conditions are met:
headers_add
or
headers_remove
.
| Use: dnslookup | Type: boolean | Default: false |
When this option is true, the resolver option RES_DNSRCH is set for DNS
lookups. This is different from the qualify_single
option in that it
applies to domains containing dots. Typically, but not standardly, it causes
the resolver to search for the name in the current domain and in parent
domains. For example, on a machine in the fict.example domain, if looking
up teaparty.wonderland failed, the resolver would try
teaparty.wonderland.fict.example. For details of what your resolver
actually does, consult your man pages for resolver and resolv.conf.
Setting this option true can cause problems in domains that have a wildcard MX record, because any domain that does not have its own MX record matches the local wildcard.
| Use: dnslookup | Type: domain list* | Default: unset |
If the DNS lookup for SRV records for one of the domains in this list causes a DNS lookup error, Exim behaves as if no SRV records were found. See section Problems with DNS lookups for more discussion.
| Use: dnslookup | Type: string list | Default: unset |
If a DNS lookup fails and this option is set, each of its strings in turn is added onto the end of the domain, and the lookup is tried again. For example, if
widen_domains = fict.example:ref.example |
is set and a lookup of klingon.dictionary fails,
klingon.dictionary.fict.example is looked up, and if this fails,
klingon.dictionary.ref.example is tried. Note that the qualify_single
and search_parents
options can cause some widening to be undertaken inside
the DNS resolver. widen_domains
is not applied to sender addresses
when verifying, unless rewrite_headers
is false (not the default).
[ < ] | [ > ] | [ << ] | [ Up ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
When a domain from an envelope recipient is changed by the resolver as a result
of the qualify_single
or search_parents
options, Exim rewrites the
corresponding address in the message's header lines unless rewrite_headers
is set false. Exim then re-routes the address, using the full domain.
These two options affect only the DNS lookup that takes place inside the router for the domain of the address that is being routed. They do not affect lookups such as that implied by
domains = @mx_any |
that may happen while processing a router precondition before the router is entered. No widening ever takes place for these lookups.
[ << ] | [ >> ] | [Top] | [Contents] | [Index] | [ ? ] |
This document was generated on September, 11 2009 using texi2html 1.78.