spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: SPF adoption statistics

2005-11-23 16:14:54
Hector Santos writes:
So as I said, as EXIM learned by release 4.30, it is better to do a direct
DNS lookup first because quote "it turns out that that is the only
guaranteed way to find all the aliases on some systems."  and it goes on to
say, gethostbyaddr() works differently for various flavors of Unix.

It seems odd, but the EXIM author appears unaware that both Solaris
and Linux use NSS (Network Service Switch) to control where
gethostbyaddr() gets its results.  Also, both Solaris and Linux
support NIS (Network Information Service) as an alternative to DNS.

NIS is commonly used on corporate intranets, an environment where
Solaris is more common than Linux.  So for Solaris, it's common for
/etc/nsswitch to specify NIS as primary, and it's not unusual for DNS
to be simply unavailable.  Trying to use DNS on such boxes may
drastically impair performance.

Few Linux boxes are on such networks, and most Linux systems are on
networks where it's NIS that is unavailable, so the Linux default is
not to try to use it.  Typically, a Linux /etc/nsswitch entry for host
lookup is
                        hosts:      files dns
which says to consult /etc/hosts, then DNS.

On both systems, if NSS is not in use, the consultation order is
specified by /etc/host.conf, where the typical Linux entry is
                        order hosts,bind
which also says to consult /etc/hosts, then DNS.

Any software that is going to ignore these system settings should say
so in big red letters!  While many sysadmins may be oblivious to their
existence, some of us know what order/services we want used and rely
on our systems doing what we tell them.

--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com 

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com