[369] in Hesiod
Re: HESIOD type=maildrop class=IN, Sendmail
daemon@ATHENA.MIT.EDU (Randall S. Winchester)
Fri Jan 23 02:17:03 1998
Date: Fri, 23 Jan 1998 02:15:12 -0500 (EST)
From: "Randall S. Winchester" <rsw@Glue.umd.edu>
To: Russell McOrmond <russell@flora.ottawa.on.ca>
Cc: hesiod@MIT.EDU, maildomain@flora.org
In-Reply-To: <199801230506.AAA24234@fox.flora.ottawa.on.ca>
We use Hesiod type=txt class=in in sendmail for aliases, system.aliases,
majordomo.aliases, forward.aliases, etc., as has been supported by sendmail
for many years. I assume the information is similar to:
    hesinfo rsw aliases
    rsw@Glue.umd.edu
with the sendmail.cf file with similar lines to:
    O AliasFile=hesiod:aliases,hesiod:system.aliases,hesiod:majordomo.aliases
However, I also restrict these zone files to networks I support. I do not
think allowing others to do a zone transfer or random name queries of all
the email addresses on our systems is prudent in today's spam environment.
Now maybe with the advent of DNS-SEC some sort of trust relationship might
be able to be set up, otherwise I will not pass out my users mail addresses.
Randall
On Fri, 23 Jan 1998, Russell McOrmond wrote:
:
:
: I was bound to find some more data on the question of "Why IN vs HS"
: for storing Hesiod information. Here is both a pro, and a stronger CON
: for having the information in the 'IN' domain if you will be using the
: Sendmail MAP capabilities with libhesiod.
:
: Pro:
: I am interested in doing the direct-mapping for as many domains as
: possible as I believe that this information can aid in getting email
: directly to a user, and allow for more redundancy in Email. In the case
: of FLORA, many of the Email addresses are actually 'forwarded' on to
: another site. Publishing these forwarded addresses allows 'participating
: sites' to send the email direct to the destination.
:
: With the IN class we already have widely distributed NS records, and it
: is very easy to know what DNS host to attempt to get Hesiod information
: from. If the host didn't have information, it would be a wasted DNS
: lookup, but for myself the advantages seemed to overcome that.
:
:
: Con:
:
: While some have mentioned that the extra bandwidth was a problem, this
: was not what convinced me to move my Hesiod information back into the HS
: class, and change my config to have classes=HS .
:
: From nslookup:
:
: ---cut---
: > foo.aracnet.net.
: Server: dns1.aracnet.net
: Address: 206.222.74.1
:
: *** dns1.aracnet.net can't find foo.aracnet.net.: Server failed
: > www.aracnet.net.
: Server: dns1.aracnet.net
: Address: 206.222.74.1
:
: Non-authoritative answer:
: www.aracnet.net canonical name = widow.aracnet.net
:
: Server: dns1.aracnet.net
: Address: 206.222.74.1
:
: www.flora.org internet address = 206.248.33.33
: flora.org nameserver = nic.flora.ottawa.on.ca
: flora.org nameserver = bud.sandelman.ottawa.on.ca
: flora.org nameserver = nic2.flora.ottawa.on.ca
: nic.flora.ottawa.on.ca internet address = 206.248.33.2
: bud.sandelman.ottawa.on.ca internet address = 209.151.24.17
: bud.sandelman.ottawa.on.ca internet address = 205.233.54.161
: nic2.flora.ottawa.on.ca internet address = 206.248.33.97
: > foo.flora.org.
: Server: dns1.aracnet.net
: Address: 206.222.74.1
:
: *** dns1.aracnet.net can't find foo.flora.org.: Non-existent host/domain
: >
: ---cut---
:
: For some reason, unknown to me at this point, when one looks up an
: unknown domain within aracnet.net, a 'server failed' message is
: returned. When you ask the same server for an unknown domain within
: flora.org, it returns a 'non-existent host/domain' message. There is
: something special in the way aracnet.net has their DNS configured.
:
: In the case of the Sendmail MAP where Hesiod is looking up in the IN
: class, it would fail in its lookup and queue the message. Eventually
: (after 5 days) sendmail would bounce the message back to sender. In a
: situation where the IN lookup is not done and instead only an HS class
: lookup is done, the message is then delivered to aracnet.net based on the
: MX records that it does successfully publish in its DNS.
:
:
: It seems that the best idea is still to try to build an HS class "root
: servers" where those running Hesiod compatible DNS servers and are
: publishing information can then tell each other about that. I know I
: would be interested to add NS records into my DNS for anyone publishing
: 'forwarding addresses' using the type 'maildrop'. Alternatively, is
: someone else keeping a list available that could be advertised and used?
:
:
: Note: For those who didn't know, I am using HESIOD with type=maildrop to
: do 'email forwarding'. The TXT information is just another Email
: address, and it is used directly by a sendmail MAP with some simple
: rules. Some initial documentation of what I'm doing is at
: http://www.flora.org/flora/server/maildomain.html - I will be updating
: this soon to be more complete and up-to-date.
:
: --
: Russell McOrmond, Internet Consultant: <http://www.flora.org/russell/work/>
: Community Network Comments http://www.flora.org/russell/papers/newyears98.html
: Ice storm press & links http://www.flora.org/russell/ice/
: First Nations? - Attacked by MAI? http://news.flora.org/flora.perc/340
:
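
Added example, not part of either message and not sendmail or libhesiod code: a sketch of the DNS side of a Hesiod maildrop lookup, showing how the reply code separates the "non-existent host/domain" case (no entry, route on MX) from the "server failed" case that the quoted message says leaves mail queued. The function names, the `.example.org` rhs and the replies built by `fake_reply` are constructed for the illustration.

```python
import struct

CLASS_IN, CLASS_HS, TYPE_TXT = 1, 4, 16
NOERROR, SERVFAIL, NXDOMAIN = 0, 2, 3

def hesiod_qname(name, hes_type, lhs=".ns", rhs=".example.org"):
    # Hesiod looks up <name>.<type><lhs><rhs>; this rhs is a placeholder.
    return f"{name}.{hes_type}{lhs}{rhs}"

def build_query(qname, qclass, qid=0x1234):
    # 12-byte header (RD set, one question), then QNAME, QTYPE=TXT, QCLASS.
    labels = b"".join(bytes([len(p)]) + p.encode("ascii") for p in qname.split("."))
    return (struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)
            + labels + b"\x00" + struct.pack("!HH", TYPE_TXT, qclass))

def skip_name(msg, off):
    while msg[off] and msg[off] & 0xC0 != 0xC0:   # walk plain labels
        off += 1 + msg[off]
    return off + (1 if msg[off] == 0 else 2)      # root label or pointer

def parse_reply(msg):
    # Returns (rcode, [first character-string of each TXT answer]).
    _id, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, txts = 12, []
    for _ in range(qd):
        off = skip_name(msg, off) + 4
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == TYPE_TXT:
            txts.append(msg[off + 1:off + 1 + msg[off]].decode("ascii"))
        off += rdlen
    return flags & 0x000F, txts

def map_result(msg):
    rcode, txts = parse_reply(msg)
    if rcode == NOERROR and txts:
        return ("found", txts[0])     # rewrite to the published maildrop
    if rcode in (NOERROR, NXDOMAIN):
        return ("notfound", None)     # no entry: route on MX as usual
    return ("tempfail", None)         # SERVFAIL etc.: message is queued

def fake_reply(query, rcode, txt=None):
    # Constructed reply for the demo: echoes the question, sets QR and rcode.
    rdata = bytes([len(txt)]) + txt.encode("ascii") if txt else b""
    ans = (b"\xc0\x0c" + struct.pack("!H", TYPE_TXT) + query[-2:]
           + struct.pack("!IH", 300, len(rdata)) + rdata) if txt else b""
    hdr = query[:2] + struct.pack("!HHHHH", 0x8180 | rcode, 1, 1 if txt else 0, 0, 0)
    return hdr + query[12:] + ans
```

The only difference between an IN-class and an HS-class query is the last two bytes of the question, so a resolver that answers SERVFAIL for unknown IN names turns every lookup against that domain into a temporary failure.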