Hacking the DNS Resolver


Hacking the DNS Resolver

infaga03
Hello everyone:

I'm trying to modify the Postfix source in order to resolve some
domains directly.

I'm really interested in knowing which function performs the
DNS lookup.

I've tried to modify some functions, but I realized that in the end
Postfix uses a different stream from the one I've changed. For example, in
the function smtp_domain_addr(...), the variable named mx_names->qname:
when I change it to "xxx.xxx.xxx.xxx" it doesn't have any effect on the
final direction.

I don't know if I should go deeper or higher in the code in order to do
that.

Thank you in advance,






Re: Hacking the DNS Resolver

Victoriano Giralt-2
[hidden email] wrote:
| Hello everyone:
|
| I'm trying to modify postfix source, in order to resolve directly some
| domains.
I'm not sure what problem you are trying to solve going that route, but
I think you should definitely look into the transport maps before
hacking on the code:

http://www.postfix.org/transport.5.html

--
Victoriano Giralt
Systems Manager
Central Computing Facility
University of Malaga
SPAIN

Re: Hacking the DNS Resolver

Sahil Tandon
In reply to this post by infaga03
[hidden email] <[hidden email]> wrote:

> I'm trying to modify postfix source, in order to resolve directly some
> domains.

Modifying the code for this purpose is probably overkill.  What is the exact
problem you are trying to solve?  From the FAQ:

---

Postfix calls the C library routines gethostbyname() and gethostbyaddr() in
order to find out the SMTP client hostname. These library routines use
several system configuration files in order to satisfy the request. They may
in fact end up calling the DNS for reasons that are not under control by
Postfix.

Depending on your system, these controlling files can be named
/etc/nsswitch.conf, /etc/svcorder, /etc/host.conf or otherwise. Those files
specify whether the C library routines will use local /etc/hosts before or
after DNS.

---

Maybe you can place the hostname/IP pairs in /etc/hosts and make sure that
file is queried before DNS.

--
Sahil Tandon <[hidden email]>

Re: Hacking the DNS Resolver

infaga03
> [hidden email] <[hidden email]> wrote:
>
>> I'm trying to modify postfix source, in order to resolve directly some
>> domains.
>
> Modifying the code for this purpose is probably overkill.  What is the
> exact problem you are trying to solve?  From the FAQ:
>
> ---
>
> Postfix calls the C library routines gethostbyname() and gethostbyaddr()
> in order to find out the SMTP client hostname. These library routines use
> several system configuration files in order to satisfy the request. They
> may in fact end up calling the DNS for reasons that are not under control
> by Postfix.
>
> Depending on your system, these controlling files can be named
> /etc/nsswitch.conf, /etc/svcorder, /etc/host.conf or otherwise. Those
> files specify whether the C library routines will use local /etc/hosts
> before or after DNS.
>
> ---
>
> Maybe you can place the hostname/IP pairs in /etc/hosts and make sure that
> file is queried before DNS.
>
> --
> Sahil Tandon <[hidden email]>
>


The exact problem we're trying to resolve:
Operation flow:
1.- Extract destination from the incoming SMTP message, for example:
To: [hidden email]
2.- Return a specific IP & port.
3.- Forward the SMTP message to the destination IP & port.

I've tried to modify variable nexthop from:
smtp_connect.c:static void smtp_connect_remote(SMTP_STATE *state, const
char *nexthop, char *def_service);

but when I send a mail I mostly get a 550 error.

I've tried also to print a debug message with msg_info before all the
gethostbyname() calls; but it seems that postfix isn't using this
function.

Thank you again.

Antonio G. A.


Re: Hacking the DNS Resolver

mouss-2
[hidden email] wrote:

>> [hidden email] <[hidden email]> wrote:
>>
>>    
>>> I'm trying to modify postfix source, in order to resolve directly some
>>> domains.
>>>      
>> Modifying the code for this purpose is probably overkill.  What is the
>> exact problem you are trying to solve?  From the FAQ:
>>
>> ---
>>
>> Postfix calls the C library routines gethostbyname() and gethostbyaddr()
>> in order to find out the SMTP client hostname. These library routines use
>> several system configuration files in order to satisfy the request. They
>> may in fact end up calling the DNS for reasons that are not under control
>> by Postfix.
>>
>> Depending on your system, these controlling files can be named
>> /etc/nsswitch.conf, /etc/svcorder, /etc/host.conf or otherwise. Those
>> files specify whether the C library routines will use local /etc/hosts
>> before or after DNS.
>>
>> ---
>>
>> Maybe you can place the hostname/IP pairs in /etc/hosts and make sure that
>> file is queried before DNS.
>>
>> --
>> Sahil Tandon <[hidden email]>
>>
>>    
>
>
> The exact problem we're trying to resolve:
> Operation flow:
> 1.- Extract destination from the incoming SMTP message, for example:
> To: [hidden email]
> 2.- Return a specific IP & port.
> 3.- Forward the SMTP message to the destination IP & port.
>  

If you are talking about the envelope recipient (RCPT TO command), then use
transport_maps:

example.com                       [some.ip]:port
[hidden email]        [another.ip]:anotherport


Do not take routing decisions based on the To: header. The To: header is
informational only. For example, this message does not contain your
address in its To: header, but it is delivered to you.

> I've tried to modify variable nexthop from:
> smtp_connect.c:static void smtp_connect_remote(SMTP_STATE *state, const
> char *nexthop, char *def_service);
>
> but when I send a mail I mostly get a 550 error.
>
> I've tried also to print a debug message with msg_info before all the
> gethostbyname() calls; but it seems that postfix isn't using this
> function.
>
> Thank you again.
>
> Antonio G. A.
>
>  


Re: Hacking the DNS Resolver

Wietse Venema
In reply to this post by infaga03
[hidden email]:
> Operation flow:
> 1.- Extract destination from the incoming SMTP message, for example:
> To: [hidden email]
> 2.- Return a specific IP & port.
> 3.- Forward the SMTP message to the destination IP & port.

As mentioned already, use the TRANSPORT map feature.

/etc/postfix/main.cf:
    transport_maps = hash:/etc/postfix/transport

/etc/postfix/transport:
    # Send [hidden email] to IP address 1.2.3.4, TCP Port 9999.
    [hidden email] [1.2.3.4]:9999

See "man 5 transport" for more details.

        Wietse
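
Added example (not part of the original thread and not Postfix code): a simplified Python model of the lookup order documented in transport(5), showing how the envelope recipient, not the To: header, selects the next hop and how the bracketed [host]:port form bypasses MX lookup. It assumes recipient_delimiter = + and that transport_maps is not listed in parent_domain_matches_subdomains; the table entries, addresses and function names are constructed for illustration.

```python
import re

# Constructed transport(5)-style table; addresses and hosts are placeholders.
TRANSPORT_TEXT = """
alice@example.com   smtp:[192.0.2.10]:9999
example.com         smtp:[192.0.2.20]:2525
.example.com        relay:[mx-in.example.net]
*                   smtp:
"""
NEXTHOP = re.compile(r"^(?:\[(?P<lit>[^\]]+)\]|(?P<name>[^:\[\]]*))(?::(?P<port>\w+))?$")

def load_table(text):
    """Parse 'pattern result' lines, skipping blank lines and # comments."""
    rows = (l.split(None, 1) for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#"))
    return {pattern.lower(): result.strip() for pattern, result in rows}

def candidate_keys(rcpt, delimiter="+"):
    """Lookup keys for one envelope recipient, most specific first."""
    local, _, domain = rcpt.lower().rpartition("@")
    keys = [f"{local}@{domain}"]
    base = local.split(delimiter, 1)[0]
    if base != local:
        keys.append(f"{base}@{domain}")      # address with +extension stripped
    keys.append(domain)
    labels = domain.split(".")
    keys += ["." + ".".join(labels[i:]) for i in range(1, len(labels))]  # .parent patterns
    return keys + ["*"]

def route(rcpt, table):
    """Return (transport, host, port, mx_lookup), or None if nothing matches."""
    for key in candidate_keys(rcpt):
        if key in table:
            transport, _, nexthop = table[key].partition(":")
            m = NEXTHOP.match(nexthop)
            if m is None:
                raise ValueError(f"unparseable nexthop {nexthop!r} for {key!r}")
            # Empty nexthop: fall back to the recipient's own domain.
            host = m["lit"] or m["name"] or rcpt.rpartition("@")[2].lower()
            # A bracketed [host] is contacted directly, with no MX lookup.
            return transport, host, m["port"] or "smtp", m["lit"] is None
    return None

TABLE = load_table(TRANSPORT_TEXT)
# Constructed message: the envelope recipient (RCPT TO) differs from the To: header.
ENVELOPE_RCPT = "alice+lists@example.com"
HEADER_TO = "announce@lists.example.org"

if __name__ == "__main__":
    print("routed on envelope:  ", route(ENVELOPE_RCPT, TABLE))
    print("if To: had been used:", route(HEADER_TO, TABLE))
```

On a real system, "postmap -q" against the transport table shows what a single key returns; the model above only mirrors the documented search order.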