On Tue, 2009-05-19 at 09:39 +0200, Ralf Hildebrandt wrote: > * Steve <steve.h...@digitalcertainty.co.uk>: > > > I disagree. It looks like Postfix is broken. Whilst I can see the desire > > to look up private IP ranges to see if they have a PTR record, it would > > not be unreasonable to expect it not to do it for trusted clients - such > > as those defined in 'my_networks'. > > Where is this behaviour documented? Good question. If it is not surely it would make a sensible feature request? Clearly as an expert on Postfix perhaps you can tell *ME* how to get Postfix to stop attempting rubbish DNS lookups rather than try and start an argument with me?
Asking the question with the BIND list (which I did before coming here) clearly put the blame on the attempting client here - AKA 'Postfix'. Postfix is asking stupid questions to public DNS servers. They are nonsensical in my network context. That is, small class C with a handful of hosts, external DNS. Not only are they nonsensical queries to make, they are also a total waste of network resources and bandwidth. The fix here is to stop the client making them, not to stop the resolver from answering them. Just where is anything fully documented with Postfix? There is a lot of 'half' documentation Ralf and plenty of 'assumed that you know'. It the documentation was soooo great I would not have had to ask on a list for something rather basic like this. > > > As a trusted and solid MTA there must be a way to get it to stop leaking > > rubbish DNS lookups from private networks ? > > You could set up your forwarder/local DNS properly. This doesn't > happen here. If somebody asks you a stupid question, you still have to answer it if the rules say so Ralf. It may waste your time, it may waste your resources, but answer it you must. If Postfix asks a stupid question of the DNS system, it still has to be answered. The fix is *not* to make any changes to the DNS system, the fix is to stop the stupid question in the first place. I'm sorry we don't agree on this. Please don't waste any more of your time following this up. Regards Steve