[RFC] Change checkdnsrr() $type argument behavior

10 years ago by Michael Wallner — view source

unread

From what I can tell, there are valid arguments to be made for both, so I
would love to see some discussion/debate here regarding which solution
should be implemented, as I'm currently undecided. Also please feel free
to point out any areas of improvement for the RFC itself.

Functions don't throw E_ERROR on missing argument.

And ANY is about as bad as MX.

10 years ago by Kris Craig — view source

unread

From what I can tell, there are valid arguments to be made for both, so
I
would love to see some discussion/debate here regarding which solution
should be implemented, as I'm currently undecided. Also please feel
free
to point out any areas of improvement for the RFC itself.

Functions don't throw E_ERROR on missing argument.

And ANY is about as bad as MX.

I can fix that. What would be the customary one to throw for a missing arg?

--Kris

10 years ago by Kris Craig — view source

unread

I checked and it looks like E_WARNING is what we currently throw for that.
Should we consider changing that to E_ERROR? I mean, if a function
requires an argument that's missing, I don't think we'd want that script
execution to continue.

What's the reasoning behind the current behavior of just throwing a warning
on broken function calls like this? Are we just mimicking behavior in
other languages or something? I'm sorry if this is a stupid question, but
I honestly can't figure out why it's preferable to only throw a warning on
these.

--Kris

From what I can tell, there are valid arguments to be made for both,
so I
would love to see some discussion/debate here regarding which solution
should be implemented, as I'm currently undecided. Also please feel
free
to point out any areas of improvement for the RFC itself.

Functions don't throw E_ERROR on missing argument.

And ANY is about as bad as MX.

I can fix that. What would be the customary one to throw for a missing
arg?

--Kris

10 years ago by Pierre Joye — view source

unread

hi Kris,

Per discussion in an earlier thread. Here's the RFC:

https://wiki.php.net/rfc/checkdnsrr-default-type

Basically, this RFC seeks to make it so that PHP's checkdnsrr() function,
which is most commonly used to see whether or not a hostname exists, no
longer restricts itself to only MX records by default.

Though the RFC itself is a no-brainer, the more difficult question is which
solution should be implemented. The two options currently presented are
changing default from "MX" to "ANY", which would cause it to check all
records and not just MX; and getting rid of the default altogether and
making it so that the argument is required.

From what I can tell, there are valid arguments to be made for both, so I
would love to see some discussion/debate here regarding which solution
should be implemented, as I'm currently undecided. Also please feel free
to point out any areas of improvement for the RFC itself.

I am not sure which problem this RFC tries to solve, do you have any
example showing the issues please?

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

10 years ago by Kris Craig — view source

unread

hi Kris,

Per discussion in an earlier thread. Here's the RFC:

https://wiki.php.net/rfc/checkdnsrr-default-type

Basically, this RFC seeks to make it so that PHP's checkdnsrr()
function,
which is most commonly used to see whether or not a hostname exists, no
longer restricts itself to only MX records by default.

Though the RFC itself is a no-brainer, the more difficult question is
which
solution should be implemented. The two options currently presented are
changing default from "MX" to "ANY", which would cause it to check all
records and not just MX; and getting rid of the default altogether and
making it so that the argument is required.

From what I can tell, there are valid arguments to be made for both, so
I
would love to see some discussion/debate here regarding which solution
should be implemented, as I'm currently undecided. Also please feel
free
to point out any areas of improvement for the RFC itself.

I am not sure which problem this RFC tries to solve, do you have any
example showing the issues please?

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

It's not a bug or anything. The problem is that the current behavior is
very counter-intuitive, not to mention unnecessary because there's already
another function dedicated to MX lookups.

At my job, we wasted a good deal of time troubleshooting what appeared to
be a weird DNS issue that turned out to just be a checkdnsrr() lookup that
was looking only for MX records because a second argument wasn't passed. I
cannot think of any use case served by this behavior.

--Kris

10 years ago by Pierre Joye — view source

unread

Well, for what I can see users already take into account this part of
the issue then:

https://github.com/search?l=php&q=checkdnsrr&type=Code&utf8=%E2%9C%93

changing the default will make create code compatibility between 5.x
and 7.x, killing the gains we may have by changing the default.

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

10 years ago by Kris Craig — view source

unread

Well, for what I can see users already take into account this part of
the issue then:

https://github.com/search?l=php&q=checkdnsrr&type=Code&utf8=%E2%9C%93

changing the default will make create code compatibility between 5.x
and 7.x, killing the gains we may have by changing the default.

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

That's why we have the option of just making that arg required without a
default, which would be targetted for PHP 7.

--Kris

10 years ago by Pierre Joye — view source

unread

Well, for what I can see users already take into account this part of
the issue then:

https://github.com/search?l=php&q=checkdnsrr&type=Code&utf8=%E2%9C%93

changing the default will make create code compatibility between 5.x
and 7.x, killing the gains we may have by changing the default.

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

That's why we have the option of just making that arg required without a
default, which would be targetted for PHP 7.

I got that :)

but now imagine one doing the following call now:

checkdnsrr("myhost") == TRUE

where only MX was set and we suddenly change the default to ANY but
ANY does not include MX, then the validation will simply fail and the
code will become either:

checkdnsrr("myhost", 'MX') == TRUE

and for what I see, most of the usages are done to valid emails.

I am not saying I am against such changes, I only do not see the gains
but the possible pains in a couple of situations, these pains will
make migration harder with no technical gains from our side.

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

10 years ago by Kris Craig — view source

unread

On Mon, Sep 22, 2014 at 9:07 AM, Kris Craig kris.craig@gmail.com
wrote:

Well, for what I can see users already take into account this part of
the issue then:

https://github.com/search?l=php&q=checkdnsrr&type=Code&utf8=%E2%9C%93

changing the default will make create code compatibility between 5.x
and 7.x, killing the gains we may have by changing the default.

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

That's why we have the option of just making that arg required without a
default, which would be targetted for PHP 7.

I got that :)

but now imagine one doing the following call now:

checkdnsrr("myhost") == TRUE

where only MX was set and we suddenly change the default to ANY but
ANY does not include MX, then the validation will simply fail and the
code will become either:

Why doesn't ANY include MX? That also seems counter-intuitive, as one
would assume that "ANY" would check for any type of record.

checkdnsrr("myhost", 'MX') == TRUE

and for what I see, most of the usages are done to valid emails.

Hmm that hasn't been my experience, but regardless, they should be using
checkmxrr() for that, anyway. As it stands now, the default behavior of
checkdnsrr() just redundantly mirrors the behavior of another function and
for no apparent reason.

I am not saying I am against such changes, I only do not see the gains
but the possible pains in a couple of situations, these pains will
make migration harder with no technical gains from our side.

I do think it would be a usability gain, if not a technical one. And I've
long been of the opinion that major version increments like PHP 7 are the
ideal time to implement such improvements, even despite some potential
edge-case BC.

What if we got rid of the option to change the default and instead just
went with making both args required?

--Kris

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

10 years ago by Pierre Joye — view source

unread

On Mon, Sep 22, 2014 at 9:07 AM, Kris Craig kris.craig@gmail.com
wrote:

Well, for what I can see users already take into account this part of
the issue then:

https://github.com/search?l=php&q=checkdnsrr&type=Code&utf8=%E2%9C%93

changing the default will make create code compatibility between 5.x
and 7.x, killing the gains we may have by changing the default.

Cheers,

Pierre

@pierrejoye | http://www.libgd.org

That's why we have the option of just making that arg required without a
default, which would be targetted for PHP 7.

I got that :)

but now imagine one doing the following call now:

checkdnsrr("myhost") == TRUE

where only MX was set and we suddenly change the default to ANY but
ANY does not include MX, then the validation will simply fail and the
code will become either:

Why doesn't ANY include MX? That also seems counter-intuitive, as one would
assume that "ANY" would check for any type of record.

I meant in the case when a DNS record has no MX entry.

checkdnsrr("myhost", 'MX') == TRUE

and for what I see, most of the usages are done to valid emails.

Hmm that hasn't been my experience, but regardless, they should be using
checkmxrr() for that, anyway. As it stands now, the default behavior of
checkdnsrr() just redundantly mirrors the behavior of another function and
for no apparent reason.

Other are only aliases, not the other way round.

I am not saying I am against such changes, I only do not see the gains
but the possible pains in a couple of situations, these pains will
make migration harder with no technical gains from our side.

I do think it would be a usability gain, if not a technical one. And I've
long been of the opinion that major version increments like PHP 7 are the
ideal time to implement such improvements, even despite some potential
edge-case BC.

What if we got rid of the option to change the default and instead just went
with making both args required?

Same results

10 years ago by Sanford Whiteman — view source

unread

Hi Kris,

On a broad level, your RFC asserts that checkdnsrr() is used to
determine "whether or not a hostname exists," but you don't actually
define "exists." It seems to me you're glossing over the fact that
"existence" is application-specific and doesn't add up to one single
RR type or set of types.

For example, when setting up a web hosting account (www.example.com),
or, say, an organization-wide account for a web app
(sharepoint.example.com) when example.com's DNS is managed by the
tenant, we may want to determine whether the hostname "exists": "Is
there an A or CNAME RR in the DNS for that hostname?" [1] Of course,
that A/CNAME needs to eventually point to your servers to be useful,
but with this barebones, non-professional-grade check, we could at
least tell the tenant they pre-created a record successfully. (Or,
contrariwise, we could tell them the hostname already exists, so it
may already be used by one of their other apps.) Note if checkdnsrr()
did an ANY query, true would be meaningless in this context. It
would be an instant false-positive if there were only an SOA and a
coupla NSs.

But when setting up a new user for a different kind of app, we may use
their e-mail address (john@example.com) as their username and we'll
most certainly use it for a verification e-mail. Here, we might
quick-check whether example.com "exists" in the mail context, giving a
reasonable expectation that it will accept mail (maybe not ours, of
course!): "Is there an MX, A, or CNAME RR in the DNS for that
hostname?" [2] This is a different, perfectly valid way that a
hostname may "exist." Note again if checkdnsrr() defaulted to ANY,
true would be meaningless/misleading. And also note (I'll explore
this again below) that an MX record is not required to accept mail.
You can't decide that a domain is SMTP-nonexistent just because
there's no MX. Users will just be angry if they are already receiving
mail and you tell them their address hard-failed your preflight check:
warn them, perhaps, but leave it up to the SMTP layer to make those
hard decisions.

For another example, if you run a purpose-built DNS management app,
you may want to know if a domain is in the DNS at all: "Are there
simply SOA and NS RRs in the DNS?" This is another completely valid
meaning. You wouldn't want to check for CNAME, MX, or A here, since
none of them are mandatory. True, you could in theory waste your
resources on an ANY query for this one. But it is not a compelling
reason to have ANY be the default.

For yet another example, if I'm building an SPF test tool I want to
check if TXT or SPF/99 records exist for the hostname. I don't care
if the hostname has CNAME, MX, or A -- in fact, a hostname w/an SPF
record solely to discourage Joe Jobs doesn't need to prove its
existence in any other way.

I mean, that's the thing about DNS. It serves tens of different
purposes. It's not possible to assume what people are looking for when
they build a specialized PHP app. It could very well be that an app
doesn't ever test for existence of A/CNAME, but only existence of SRV
records. Or only PTRs.

On one note I fully agree. The defaulting to MX sucks. But as others
have pointed out it's a BC break to try to manipulate the arg list at
this point in time. I think it would be good, maybe, to update the
docs with something like (though less clumsy): "This function's
default behavior is to verify the existence of MX records for a
hostname. MXs prove the domain owner's intent to receive mail.
However, a result of false does not mean a domain cannot receive
mail, as MXs are not mandatory." Perhaps try to condition people to
be more aware of what they're looking up and why. As someone else
said in the original thread, it's not too much to ask that PHP users
who decide to use DNS functions know what they're looking up.

Oh, and I also just caught a bug in the default behavior anyway.
Gonna log that now!

-- S.

[1] Here and elsewhere "A" means "A or AAAA," although as of late 2014
the IPV6 variant isn't sufficient to establish "existence" on the
public 'Net.
[2] I'm deliberately setting aside the vario us CNAME interactions
with MX records, which may result in successful mail delivery in many,
but not all, permutations: it may be safer to consider such setups
broken, as long as you let the user confirm "Yes, I vouch for my
domain's setup/existence/operation even though you found problems."

10 years ago by Kris Craig — view source

unread

On Mon, Sep 22, 2014 at 8:09 PM, Sanford Whiteman figureonecpr@gmail.com
wrote:

Hi Kris,

On a broad level, your RFC asserts that checkdnsrr() is used to
determine "whether or not a hostname exists," but you don't actually
define "exists." It seems to me you're glossing over the fact that
"existence" is application-specific and doesn't add up to one single
RR type or set of types.

For example, when setting up a web hosting account (www.example.com),
or, say, an organization-wide account for a web app
(sharepoint.example.com) when example.com's DNS is managed by the
tenant, we may want to determine whether the hostname "exists": "Is
there an A or CNAME RR in the DNS for that hostname?" [1] Of course,
that A/CNAME needs to eventually point to your servers to be useful,
but with this barebones, non-professional-grade check, we could at
least tell the tenant they pre-created a record successfully. (Or,
contrariwise, we could tell them the hostname already exists, so it
may already be used by one of their other apps.) Note if checkdnsrr()
did an ANY query, true would be meaningless in this context. It
would be an instant false-positive if there were only an SOA and a
coupla NSs.

But when setting up a new user for a different kind of app, we may use
their e-mail address (john@example.com) as their username and we'll
most certainly use it for a verification e-mail. Here, we might
quick-check whether example.com "exists" in the mail context, giving a
reasonable expectation that it will accept mail (maybe not ours, of
course!): "Is there an MX, A, or CNAME RR in the DNS for that
hostname?" [2] This is a different, perfectly valid way that a
hostname may "exist." Note again if checkdnsrr() defaulted to ANY,
true would be meaningless/misleading. And also note (I'll explore
this again below) that an MX record is not required to accept mail.
You can't decide that a domain is SMTP-nonexistent just because
there's no MX. Users will just be angry if they are already receiving
mail and you tell them their address hard-failed your preflight check:
warn them, perhaps, but leave it up to the SMTP layer to make those
hard decisions.

For another example, if you run a purpose-built DNS management app,
you may want to know if a domain is in the DNS at all: "Are there
simply SOA and NS RRs in the DNS?" This is another completely valid
meaning. You wouldn't want to check for CNAME, MX, or A here, since
none of them are mandatory. True, you could in theory waste your
resources on an ANY query for this one. But it is not a compelling
reason to have ANY be the default.

For yet another example, if I'm building an SPF test tool I want to
check if TXT or SPF/99 records exist for the hostname. I don't care
if the hostname has CNAME, MX, or A -- in fact, a hostname w/an SPF
record solely to discourage Joe Jobs doesn't need to prove its
existence in any other way.

I mean, that's the thing about DNS. It serves tens of different
purposes. It's not possible to assume what people are looking for when
they build a specialized PHP app. It could very well be that an app
doesn't ever test for existence of A/CNAME, but only existence of SRV
records. Or only PTRs.

On one note I fully agree. The defaulting to MX sucks. But as others
have pointed out it's a BC break to try to manipulate the arg list at
this point in time.

I agree that it would be a BC, but I believe it would be a very minor one,
as I doubt very many people are relying on the current default behavior.
This minor level of BC would not be inappropriate for a major version
increment, as it's expected that there will be at least some BC there.

Based on your comments relating to DNS in general, it sounds like
defaulting to "ANY" wouldn't be much better than the current default. I'm
beginning to lean heavily towards removing the second voting option and
limiting the scope of the RFC to just making the second argument required
for this reason. What would happen is it'd throw an E_DEPRECATED for at
least the remainder of 5.x, then throw the usual E_WARNING for a missing
argument starting in 7.x with no default.

It has been my observation that a number of good ideas (and fixes to bad
ideas) have been set aside over fears of BC breakage. While I agree
there's certainly a place for such caution, refusing to ever allow any BC
for such improvements even in major version increments essentially ties our
hands together and prevents the language from evolving past some of its
negative aspects. BC is, by its very nature, a short-term concern. I
doubt anybody is experiencing any problems caused by any BC that occurred
between PHP 3 and PHP 4, for example. That's why I think major version
increments are the ideal time to implement more long-term objectives that
may carry a marginal short-term BC cost. Given that just about everyone
here agrees that the current behavior is more or less ridiculous that
doesn't serve any use cases not better served elsewhere, that alone should
be sufficient reason to vote yes on this.

I'll update the RFC later to reflect the feedback people have given here
thus far. I'll most likely be removing the second voting option and
instead just make it a required argument-- if anybody objects to this part,
please say so now and we'll discuss further. I'll also change E_ERROR to
E_WARNING to make it consistent with how other functions deal with missing
args. Am I missing anything?

--Kris

I think it would be good, maybe, to update the
docs with something like (though less clumsy): "This function's
default behavior is to verify the existence of MX records for a
hostname. MXs prove the domain owner's intent to receive mail.
However, a result of false does not mean a domain cannot receive
mail, as MXs are not mandatory." Perhaps try to condition people to
be more aware of what they're looking up and why. As someone else
said in the original thread, it's not too much to ask that PHP users
who decide to use DNS functions know what they're looking up.

Oh, and I also just caught a bug in the default behavior anyway.
Gonna log that now!

-- S.

[1] Here and elsewhere "A" means "A or AAAA," although as of late 2014
the IPV6 variant isn't sufficient to establish "existence" on the
public 'Net.
[2] I'm deliberately setting aside the vario us CNAME interactions
with MX records, which may result in successful mail delivery in many,
but not all, permutations: it may be safer to consider such setups
broken, as long as you let the user confirm "Yes, I vouch for my
domain's setup/existence/operation even though you found problems."

10 years ago by Sanford Whiteman — view source

unread

What would happen is it'd throw an E_DEPRECATED for at least the remainder
of 5.x, then throw the usual E_WARNING for a missing argument starting in
7.x with no default.

Sounds OK to me now that I've noticed this:

https://bugs.php.net/bug.php?id=68081

Pretty sure that's a sane report, and it's enough to make me say
checkdnsrr() doesn't work now at all.

-- S.

10 years ago by Michael Wallner — view source

unread

What would happen is it'd throw an E_DEPRECATED for at least the remainder
of 5.x, then throw the usual E_WARNING for a missing argument starting in
7.x with no default.

Sounds OK to me now that I've noticed this:
https://bugs.php.net/bug.php?id=68081
Pretty sure that's a sane report, and it's enough to make me say
checkdnsrr() doesn't work now at all.

Given that this function is over 16 years old [1] and guessing that it
was used as a simple kind of email domain verification, I think
checkdnsrr() works as expected [2], [3].

[1] http://marc.info/?l=php-internals&m=90222489331812&w=2
[2] http://tools.ietf.org/html/rfc2821#section-5
[3] http://tools.ietf.org/html/rfc5321#section-5.1

--
Regards,
Mike

10 years ago by Kris Craig — view source

unread

What would happen is it'd throw an E_DEPRECATED for at least the
remainder
of 5.x, then throw the usual E_WARNING for a missing argument starting
in
7.x with no default.

Sounds OK to me now that I've noticed this:
https://bugs.php.net/bug.php?id=68081
Pretty sure that's a sane report, and it's enough to make me say
checkdnsrr() doesn't work now at all.
Given that this function is over 16 years old [1] and guessing that it
was used as a simple kind of email domain verification, I think
checkdnsrr() works as expected [2], [3].

[1] http://marc.info/?l=php-internals&m=90222489331812&w=2
[2] http://tools.ietf.org/html/rfc2821#section-5
[3] http://tools.ietf.org/html/rfc5321#section-5.1

--
Regards,
Mike

Except that it doesn't work as expected because most devs (including
myself) aren't readily familiar with posts from 1998. And even if that
were its purpose back then, that really has no relevance today, as the
purpose and identity of PHP itself has evolved drastically since then.

If that really is a concern, though, then I would propose getting rid of
checkdnsrr() altogether (or making it an alias of checkmxrr()) and creating
a new general-purpose DNS lookup function that returns a boolean. Of
course, I really don't think that's necessary since this stuff from 16
years ago doesn't have any meaningful bearing on how it's being used today
by modern PHP developers.

--Kris

10 years ago by Michael Wallner — view source

unread

On Tue, Sep 23, 2014 at 12:24 AM, Michael Wallner <mike@php.net
mailto:mike@php.net> wrote:
>> What would happen is it'd throw an `E_DEPRECATED` for at least the
remainder
>> of 5.x, then throw the usual `E_WARNING` for a missing argument
starting in
>> 7.x with no default.
>
> Sounds OK to me now that I've noticed this:
>
>     https://bugs.php.net/bug.php?id=68081
>
> Pretty sure that's a sane report, and it's enough to make me say
> `checkdnsrr()` doesn't work now at all.


Given that this function is over 16 years old [1] and guessing that it
was used as a simple kind of email domain verification, I think
`checkdnsrr()` works as expected [2], [3].

[1] http://marc.info/?l=php-internals&m=90222489331812&w=2
[2] http://tools.ietf.org/html/rfc2821#section-5
[3] http://tools.ietf.org/html/rfc5321#section-5.1

--
Regards,
Mike
Except that it doesn't work as expected because most devs (including
myself) aren't readily familiar with posts from 1998. And even if that
were its purpose back then, that really has no relevance today, as the
purpose and identity of PHP itself has evolved drastically since then.

If that really is a concern, though, then I would propose getting rid of
checkdnsrr() altogether (or making it an alias of checkmxrr()) and
creating a new general-purpose DNS lookup function that returns a
boolean. Of course, I really don't think that's necessary since this
stuff from 16 years ago doesn't have any meaningful bearing on how it's
being used today by modern PHP developers.

Phew, "modern" or rather "unaware" or "uneager to research"?
Anyway, I'm done with this topic; I don't see any reason for action,
except maybe, improving related documentation.

--
Regards,
Mike

10 years ago by Kris Craig — view source

unread

On Tue, Sep 23, 2014 at 12:24 AM, Michael Wallner <mike@php.net
mailto:mike@php.net> wrote:
>> What would happen is it'd throw an `E_DEPRECATED` for at least the
remainder
>> of 5.x, then throw the usual `E_WARNING` for a missing argument
starting in
>> 7.x with no default.
>
> Sounds OK to me now that I've noticed this:
>
>     https://bugs.php.net/bug.php?id=68081
>
> Pretty sure that's a sane report, and it's enough to make me say
> `checkdnsrr()` doesn't work now at all.


Given that this function is over 16 years old [1] and guessing that
it
was used as a simple kind of email domain verification, I think
`checkdnsrr()` works as expected [2], [3].

[1] http://marc.info/?l=php-internals&m=90222489331812&w=2
[2] http://tools.ietf.org/html/rfc2821#section-5
[3] http://tools.ietf.org/html/rfc5321#section-5.1

--
Regards,
Mike
Except that it doesn't work as expected because most devs (including
myself) aren't readily familiar with posts from 1998. And even if that
were its purpose back then, that really has no relevance today, as the
purpose and identity of PHP itself has evolved drastically since then.

If that really is a concern, though, then I would propose getting rid of
checkdnsrr() altogether (or making it an alias of checkmxrr()) and
creating a new general-purpose DNS lookup function that returns a
boolean. Of course, I really don't think that's necessary since this
stuff from 16 years ago doesn't have any meaningful bearing on how it's
being used today by modern PHP developers.
Phew, "modern" or rather "unaware" or "uneager to research"?
Anyway, I'm done with this topic; I don't see any reason for action,
except maybe, improving related documentation.

--
Regards,
Mike

Wow that got personal really fast. I was just saying that, when most devs
look-up a function on php.net, they don't also then search Google for any
decades-old references that might yield some additional insight on the
origin story of the function. I don't think that means they're not
intellectually curious.

--Kris

10 years ago by Sanford Whiteman — view source

unread

I don't think you tracked the behavior in the bug report.

If checkdnsrr() is doing an MX query -- not including implicit MX,
only explicit MX -- it must fail when there is no MX record. It can't
return true when there is a CNAME (and no MX record for the
canonical hostname, only an A) but false when there is an A (and no
MX record). That isn't an MX query, nor is it the way smtp-senders
operate, now or 16 years ago.

To quote the bug report, if somehost.example.com is a CNAME for
example.com, and example.com has an A record but no MX,
checkdnsrr('somehost.example.com') must not return different results
than checkdnsrr('example.com'). Either the function is trying to be
"smart" and emulate an smtp-sender (bad idea) and succeeds on both, or
it stays dumb and fails on both.

10 years ago by Pierre Joye — view source

unread

On Tue, Sep 23, 2014 at 9:41 AM, Sanford Whiteman
figureonecpr@gmail.com wrote:

I don't think you tracked the behavior in the bug report.

If checkdnsrr() is doing an MX query -- not including implicit MX,
only explicit MX -- it must fail when there is no MX record. It can't
return true when there is a CNAME (and no MX record for the
canonical hostname, only an A) but false when there is an A (and no
MX record). That isn't an MX query, nor is it the way smtp-senders
operate, now or 16 years ago.

To quote the bug report, if somehost.example.com is a CNAME for
example.com, and example.com has an A record but no MX,
checkdnsrr('somehost.example.com') must not return different results
than checkdnsrr('example.com'). Either the function is trying to be
"smart" and emulate an smtp-sender (bad idea) and succeeds on both, or
it stays dumb and fails on both.

if somehost.example.com has the MX, it should return true with
checkdnsrr('somehost.example.com'). If example has the MX set to
somehost.example.com or similar, it should return true as well. Or am
I missing your point?

--
Pierre

@pierrejoye | http://www.libgd.org

10 years ago by Sanford Whiteman — view source

unread

if somehost.example.com has the MX, it should return true with
checkdnsrr('somehost.example.com'). If example has the MX set to
somehost.example.com or similar, it should return true as well. Or am
I missing your point?

You are missing it, as there are no MX records involved. I'm
demonstrating that the function gives incorrect results in the absence
of an MX record because there is a bug in CNAME handling (or a bug in
A handling, if you prefer).

somehost.example.com has no MX RR. It has a CNAME (per DNS rules, the
CNAME must thus be the only record for somehost.example.com). The
CNAME points to example.com.

example.com has no MX RR. It has an A pointing to 1.2.3.4.

checkdnsrr('somehost.example.com') should return false. It returns true.
checkdnsrr('example.com') should return false. It returns false.

You could try to revise the docs and say, "Oh, it doesn't really mean
an MX lookup, it means an explicit MX or implicit MX, like how a
basic smtp-sender works. So that's why the CNAME --> A one returns
true." Except then 'example.com' should return true as well. It does
not: it returns false. Changing the docs does not fix the bug.

BTW, I've been reading SMTP RFCs since we were on good ol' 821, and
I'm plenty intellectually curious. I don't care if a function is
supposed to partially emulate an smtp-sender when verifying a domain,
or if it's supposed to run a dumb DNS MX query. It either does what
it's supposed to to do or it's broken.

-- S.

10 years ago by Michael Wallner — view source

unread

if somehost.example.com has the MX, it should return true with
checkdnsrr('somehost.example.com'). If example has the MX set to
somehost.example.com or similar, it should return true as well. Or am
I missing your point?

You are missing it, as there are no MX records involved. I'm
demonstrating that the function gives incorrect results in the absence
of an MX record because there is a bug in CNAME handling (or a bug in
A handling, if you prefer).

somehost.example.com has no MX RR. It has a CNAME (per DNS rules, the
CNAME must thus be the only record for somehost.example.com). The
CNAME points to example.com.

example.com has no MX RR. It has an A pointing to 1.2.3.4.

checkdnsrr('somehost.example.com') should return false. It returns true.
checkdnsrr('example.com') should return false. It returns false.

You could try to revise the docs and say, "Oh, it doesn't really mean
an MX lookup, it means an explicit MX or implicit MX, like how a
basic smtp-sender works. So that's why the CNAME --> A one returns
true." Except then 'example.com' should return true as well. It does
not: it returns false. Changing the docs does not fix the bug.

Ah okay, I think you're right. It shouldn't accept the CNAME.

--
Regards,
Mike

10 years ago by Michael Wallner — view source

unread

if somehost.example.com has the MX, it should return true with
checkdnsrr('somehost.example.com'). If example has the MX set to
somehost.example.com or similar, it should return true as well. Or am
I missing your point?

You are missing it, as there are no MX records involved. I'm
demonstrating that the function gives incorrect results in the absence
of an MX record because there is a bug in CNAME handling (or a bug in
A handling, if you prefer).

somehost.example.com has no MX RR. It has a CNAME (per DNS rules, the
CNAME must thus be the only record for somehost.example.com). The
CNAME points to example.com.

example.com has no MX RR. It has an A pointing to 1.2.3.4.

checkdnsrr('somehost.example.com') should return false. It returns true.
checkdnsrr('example.com') should return false. It returns false.

You could try to revise the docs and say, "Oh, it doesn't really mean
an MX lookup, it means an explicit MX or implicit MX, like how a
basic smtp-sender works. So that's why the CNAME --> A one returns
true." Except then 'example.com' should return true as well. It does
not: it returns false. Changing the docs does not fix the bug.

Ah okay, I think you're right. It shouldn't accept the CNAME.

Looking at the source, though, neither the code nor the docs make any
assertions on the actual type of response they got. So it could still be
seen as "works as expected", because it just checks if any answer is
received. If that functionality is useful could be debatable.

--
Regards,
Mike

10 years ago by Sanford Whiteman — view source

unread

Hi Mike,

So it could still be seen as "works as expected", because it just checks if any answer is received. If that functionality is useful could be debatable.

That's not expected. Chasing (dereferencing) CNAMEs is one of the
understood burdens of any DNS app; you can't treat the CNAME itself as
a positive response. Luckily standard apps don't rely on
DNS-to-boolean conversion like this or else the 'Net wouldn't work.

I'm glad you see I wasn't blowing smoke here.

-- S.

P.S. chekdnsrr() does the same thing for CNAMEs w/other RRtypes as
well, by the way. It'll confirm that www.php.net has an SRV record.
I mean, geez...