2007-08-03 – Warning to Linux postmasters

Make sure you have the line mdns off in /etc/host.conf on your incoming SMTP servers.

One of my colleagues in our network engineering team discovered today that ppswitch was spewing multicast packets, much to our surprise. It turns out that recent versions of glibc have quietly added support for multicast DNS to the resolver. Multicast DNS is part of Apple’s zeroconf networking system (aka Bonjour, previously known as Rendezvous), and it takes over host names ending in .local. See it in action by typing strace ping foo.local and observe it sending a DNS query to the class D multicast address

Since MXs have to deal with untold quantities of crap (at the moment about 96% of the email we’re offered - 6 million messages per day - is junk) and since one of the key crap detection tools is the DNS, ppswitch ends up doing a lot of crap DNS lookups. A significant number of these (10,000 per day) are names ending in .local which thereby trigger mdns lookups. However these names do not come from machines named via zeroconf: they are mostly Small Business Server installations which have followed Microsoft’s recommendations for choosing a domain name.
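A quick way to audit this on a mail server, as an added example that is not part of the original post: the function names mdns_disabled and count_local are hypothetical, the sample files are constructed, and it assumes your glibc honours the mdns off line in host.conf as described above.

```shell
#!/bin/sh
# Added example: check a host.conf for "mdns off" and count .local names
# in a list of looked-up hostnames. All sample data below is constructed.

# mdns_disabled FILE: succeed only if FILE has an uncommented "mdns off" line.
# Returns 2 when the file cannot be read, so "unknown" is not mistaken for "off".
mdns_disabled() {
    [ -r "$1" ] || return 2
    # Drop comments first so "#mdns off" does not count as a setting.
    sed 's/#.*//' "$1" |
        grep -Eq '^[[:space:]]*mdns[[:space:]]+off[[:space:]]*$'
}

# count_local FILE: print how many names (one per line) end in .local.
# DNS names are case-insensitive and may carry a trailing root dot.
count_local() {
    grep -Eic '\.local\.?[[:space:]]*$' "$1" || true   # grep -c exits 1 on zero
}

demo() {
    d=$(mktemp -d) || return 1
    # Constructed host.conf files: the setting commented out, then enabled.
    printf 'order hosts,bind\nmulti on\n#mdns off\n' > "$d/before.conf"
    printf 'order hosts,bind\nmulti on\nmdns off\n'  > "$d/after.conf"
    # Constructed names of the kind an MX might be asked to resolve.
    printf '%s\n' mail.example.com server.corp.local SBS01.Office.LOCAL. \
        foo.localhost.example.net > "$d/names.txt"
    for f in before after; do
        if mdns_disabled "$d/$f.conf"; then
            echo "$f.conf: mdns off present"
        else
            echo "$f.conf: mdns NOT disabled"
        fi
    done
    echo ".local names in sample: $(count_local "$d/names.txt")"
    rm -rf "$d"
}
demo
```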

It is a great source of joy and wonder that Apple and Microsoft both use .local in conflicting ways. This is truly the Zen of standards: contemplate it deeply and you may achieve enlightenment (if you don’t go mad).
