Skip to content

fix: Postfix: disable_dns_lookups => smtp_dns_support_level#4568

Merged
georglauterbach merged 2 commits intomasterfrom
gl/postfix-deprecated-amavis-config
Sep 10, 2025
Merged

fix: Postfix: disable_dns_lookups => smtp_dns_support_level#4568
georglauterbach merged 2 commits intomasterfrom
gl/postfix-deprecated-amavis-config

Conversation

@georglauterbach
Copy link
Copy Markdown
Member

@georglauterbach georglauterbach commented Sep 9, 2025
edited
Loading

see https://www.postfix.org/postconf.5.html#disable_dns_lookups

Description

Replaces the deprected option disable_dns_lookups with smtp_dns_support_level. This option was deprecated since Postfix 2.11.

Type of change

  • Improvement (non-breaking change that does improve existing functionality)

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation (README.md or the documentation under docs/)
  • If necessary, I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes
  • I have added information about changes made in this PR to CHANGELOG.md

@georglauterbach georglauterbach added this to the v16.0.0 milestone Sep 9, 2025
@georglauterbach georglauterbach self-assigned this Sep 9, 2025
@georglauterbach georglauterbach added service/postfix area/configuration (file) kind/update Update an existing feature, configuration file or the documentation labels Sep 9, 2025
@georglauterbach georglauterbach moved this to In Review in DMS Features & Tasks Sep 9, 2025
@georglauterbach georglauterbach mentioned this pull request Sep 9, 2025
Draft
10 tasks
@georglauterbach georglauterbach merged commit 0cf26f0 into master Sep 10, 2025
7 checks passed
@georglauterbach georglauterbach deleted the gl/postfix-deprecated-amavis-config branch September 10, 2025 07:17
@github-project-automation github-project-automation Bot moved this from In Review to Done in DMS Features & Tasks Sep 10, 2025
polarathene
polarathene reviewed Sep 14, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@polarathene polarathene left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No need to pay much attention to this review comment. It's only to provide some extra context for traceability.

Originally part of a larger PR with request to extract to separate one:
#4536 (review)

Comment thread target/amavis/postfix-amavis.cf
-o smtp_data_done_timeout=1200
-o smtp_send_xforward_command=yes
-o disable_dns_lookups=yes
-o smtp_dns_support_level=disabled
Copy link
Copy Markdown
Member

@polarathene polarathene Sep 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just to reference the Postfix docs on smtp_dns_support_level=disabled:

Disable DNS lookups. No MX lookups are performed and hostname to address lookups are unconditionally "native".
This setting is not appropriate for hosts that deliver mail to the public Internet. Some obsolete how-to documents recommend disabling DNS lookups in some configurations with content_filters.
This is no longer required and strongly discouraged.

and the prior (now deprecated) disable_dns_lookups=yes:

Disable DNS lookups in the Postfix SMTP and LMTP clients.

  • When disabled, hosts are looked up with the getaddrinfo() system library routine which normally also looks in /etc/hosts.
  • As of Postfix 2.11, this parameter is deprecated; use smtp_dns_support_level instead.

This setting would be for outbound SMTP traffic, so for when Amavis is sending back to Postfix, where DNS would be redundant 👍

Within our project, I did add some commentary about this for an SMTP_ONLY=1 feature test, but the test itself seemed borked, so we don't bother with testing it in the current state:

docker-mailserver/test/tests/parallel/set3/mta/smtponly.bats

Lines 28 to 30 in f343f7d

# TODO: needs complete rework when proper DNS container is running for tests
@test "sending mail should work" {
skip 'TODO: This test is absolutely broken and needs reworking!'

In that case, it seems it was to avoid external DNS record lookups, and was about a different/related Postfix DNS setting.

@polarathene polarathene mentioned this pull request Aug 31, 2025
Open
60 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@polarathene polarathene polarathene left review comments

@casperklein casperklein casperklein approved these changes

Assignees

@georglauterbach georglauterbach

Labels

area/configuration (file) kind/update Update an existing feature, configuration file or the documentation priority/low service/postfix

Projects

DMS Features & Tasks
Status: Done

Milestone

v16.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@georglauterbach @casperklein @polarathene