golang / go

The Go programming language
https://go.dev
BSD 3-Clause "New" or "Revised" License

net: LookupMX does not consider IP addresses as valid records #56025

Open horkhe opened 2 years ago

horkhe commented 2 years ago

This is a follow-up to #46979. I found another case where https://golang.org/cl/322230 broke the original logic. Even though MX records MUST contain domain names, occasionally they contain IP addresses. And this change considers IP addresses as invalid records and returns an error, making delivery to the respective email service providers impossible. The number of such cases is minuscule in the great scheme of things, but still we at Mailgun handle a few thousand messages to such email providers per hour. So in the spirit of the Robustness Principle I believe a change should be made to allow IP addresses in MX records.

horkhe commented 2 years ago

By the way, we ran into a similar issue: the LookupSRV function does not work well with Nomad/Consul that exposes instance ip:port via SRV records, but LookupSRV enforces domain names. So guys, maybe you should stop trying to "fix" the Internet and just make resolver methods return whatever DNS servers provide you with. Or at least provide us with a way to disable the annoying validation.

cagedmantis commented 2 years ago

@ianlancetaylor @neild

dcormier commented 7 months ago

I've noticed this a bit, lately. Here's a handful of domains with MX records where at least one is an IP address (as of 2024-04-19):

ianlancetaylor commented 7 months ago

CC @rolandshoemaker @golang/security

mateusz834 commented 7 months ago

We currently support domain names that contain digits in arbitrary places, but they also have to contain at least one non-digit character (except dots).

https://github.com/golang/go/blob/903e0ffbed56df8d3c753b27d6bdedbd0fc614dc/src/net/dnsname_test.go#L22

Also RFC 1123:

2.1 Host Names and Numbers

The syntax of a legal Internet host name was specified in RFC-952 [DNS:4]. One aspect of host name syntax is hereby changed: the restriction on the first character is relaxed to allow either a letter or a digit. Host software MUST support this more liberal syntax.

RFC 8499:

Note that any label in a domain name can contain any octet value; hostnames are generally considered to be domain names where every label follows the rules in the "preferred name syntax", with the amendment that labels can start with ASCII digits (this amendment comes from Section 2.1 of [RFC1123]).

horkhe commented 1 week ago

RFC is great, but we are talking about the real world. And the reality is that people do not read RFCs. Being a bulk email sender (mailgun.com), we stumbled upon such cases. Currently we are getting around it by using the private net.(*Resolver).lookupMX with a go:linkname hack. But as of Go 1.23 using go:linkname will be prohibited. So I guess the only option we will have is to just vendor/reimplement chunks of net.Resolver.

rolandshoemaker commented 1 week ago

@horkhe could you provide some data on the rates at which you see this issue?

I am not particularly opposed to being more lax here (i.e. just loosening the restriction to LDH+IP), but I don't want to do this if we're only fixing a very small number of otherwise incorrectly behaving servers. If there is data that shows this is actually significantly common, and there are high-volume mail servers that are relying on this behavior, then it would perhaps be reasonable to do.
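
The "LDH+IP" relaxation mentioned in the comment above, sketched as an added example that is not part of the thread or of Go's net package. `ClassifyMX`, `isLDHName` and the sample targets are constructed for illustration; the name check is a simplified version of the "at least one non-digit character" rule quoted earlier, and it assumes the target arrives as a presentation-format string, possibly with a trailing dot.

```go
package main

import (
	"fmt"
	"net/netip"
	"strings"
)

// isLDHName: simplified stand-in, not the net package's validator (LDH labels, one non-digit).
func isLDHName(s string) bool {
	if s == "" || len(s) > 253 {
		return false
	}
	nonDigit := false
	for _, label := range strings.Split(s, ".") {
		if label == "" || len(label) > 63 || label[0] == '-' || label[len(label)-1] == '-' {
			return false
		}
		for _, c := range []byte(label) {
			switch {
			case c >= '0' && c <= '9':
			case c >= 'a' && c <= 'z', c >= 'A' && c <= 'Z', c == '-':
				nonDigit = true
			default:
				return false
			}
		}
	}
	return nonDigit
}

// ClassifyMX applies a hypothetical "LDH+IP" policy to one MX target string.
func ClassifyMX(target string) string {
	host := strings.TrimSuffix(target, ".") // DNS answers are usually fully qualified
	if addr, err := netip.ParseAddr(host); err == nil && addr.Zone() == "" {
		return "ip" // bare address where a host name belongs
	}
	if isLDHName(host) {
		return "hostname"
	}
	return "invalid"
}

func main() {
	// Constructed sample targets using documentation address ranges.
	for _, t := range []string{"mx1.example.com.", "192.0.2.10.", "2001:db8::25", "1.2.3.", "bad_host.example."} {
		fmt.Println(t, ClassifyMX(t))
	}
}
```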