[Freeipa-devel] [PATCH] 057 Validate MX records
Rob Crittenden
rcritten at redhat.com
Wed Feb 16 14:57:07 UTC 2011
Jakub Hrozek wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 02/16/2011 03:28 PM, Jakub Hrozek wrote:
>> On Tue, Feb 15, 2011 at 03:45:12PM -0500, Rob Crittenden wrote:
>>> Jakub Hrozek wrote:
>>>> -----BEGIN PGP SIGNED MESSAGE-----
>>>> Hash: SHA1
>>>>
>>>> https://fedorahosted.org/freeipa/ticket/967
>>>>
>>>> I'm wondering whether to extend the patch - if the mail server name does
>>>> not end with a dot, BIND treats it as relative to the zone.
>>>>
>>>> So if you do:
>>>> ipa dnsrecord-add example.com @ --mx-rec="10 mail.example.com"
>>>>
>>>> dig would then return mail.example.com.example.com
>>>>
>>>> The correct way of adding it is (note the trailing dot):
>>>> ipa dnsrecord-add example.com @ --mx-rec="10 mail.example.com."
>>>>
>>>> This is in line with how nsupdate works, so should we just document it?
>>>> A smarter way might be to check if the hostname ends with the zone name
>>>> and append a dot, but I'm not sure if that perhaps /too/ smart..
>>>
>>> While we're at this should we enforce that prio is>= 0 and< MAXINT ?
>>
>> Good suggestion, thanks. As per the MX record documentation I found it
>> should actually be between 0 and 65535, so this is what the patch
>> enforces.
>>
>> Jan's suggestion to rename the parameter is also included.
>>
>>
>
> Rob reminded me that the example included was actually wrong. New patch
> attached.
ack, pushed to master
More information about the Freeipa-devel
mailing list