
Inside CMXLookup

PCQ Bureau

We discussed the structure of the DNS message last month. Now we’ll look at how the Lookup method of CMXLookup works (refer to lookup.txt on CD).


It first copies the name of the e-mail domain whose MX servers are to be enumerated to an internal buffer, and then prepares the query. The method sets the flags, initializes the number of questions to 1, and sets the other three counts to 0. The ‘while’ loop then prepares the question section by copying the domain name in the ‘count-label’ format described earlier. A byte of 0 is then written to mark the end of the domain name. The method sets the query type to 15, that is, a query for the MX records of the domain in question, and sets the query class to 1. The query is now prepared.

The method then initializes the Windows Sockets environment using the WSAStartup method. In case of an error, false is returned to the caller. Next, the method calls GetHostAddress, a private method of CMXLookup, to resolve the DNS server name and return its address as an unsigned long. CMXLookup::GetHostAddress first checks whether the DNS server name is human readable (for example, yahoo.com) or in the form of a dotted address, and resolves it accordingly.

Next, CMXLookup::Lookup creates a UDP-based datagram socket and initializes the structure containing the connection details. It then calls the Connect method to connect to the DNS server on port 53 and, if successful, sends the query to the server. Assuming the query was sent, the reply is then received, after which the socket is closed and the sockets environment is uninitialized. Finally, the method sets the flag indicating that an MX lookup has just occurred and returns true to the caller, indicating success.

After Lookup



Once a lookup has been successfully performed on a given domain, the ‘ParseReplyMX’ method of CMXLookup is called (refer to parse.txt on CD). This method parses the reply sent by the DNS server, and extracts the MX server details from the records returned.


The method starts off by copying the contents of the reply to a local buffer, and then reads the number of questions, answers, authorities, and additional information records. Next, CMXLookup::ParseReplyMX iterates over as many questions as their count specifies, and then iterates over the answers.

The first two bytes of the answer reference the pointer record for the domain in question. The next two bytes specify the type of the query, followed by the class of the query in the following two bytes. The next four bytes specify the time to live. The method skips these 10 bytes and arrives at the two bytes that give the count of bytes, CNT, in the resource data. Since MX records are being evaluated, the next CNT bytes contain the MX record preference value as a 16-bit value, followed by the MX server name in the same encoding format as the ‘Query Name’ encoding of the question section. After getting the preference value, the while loop extracts the MX server name from the encoded format and saves it in an internal variable. The loop breaks when the octet count for a domain name label (e.g., the octet count for yahoo is 5) is greater than 63, because that isn’t allowed.
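The answer walk described above, as an added example that is not the CMXLookup source from the CD. It goes a little beyond the text: every offset is checked against the reply length, and compression pointers are followed with a hop limit. The names rd16, readName, parseMX and kSampleReply, the 16-hop cap, and the sample reply are assumptions of this example.

```cpp
// Added example (not the CMXLookup source): bounds-checked parsing of MX answers.
#include <cstdint>
#include <string>
#include <vector>
using Bytes = std::vector<uint8_t>;
struct MX { int pref; std::string host; };
// Big-endian 16-bit read; returns -1 rather than read past the end of the datagram.
static int rd16(const Bytes& m, size_t o) { return o + 2 > m.size() ? -1 : (m[o] << 8) | m[o + 1]; }
// Decode a count-label name at off; next = offset just past it in the record.
static bool readName(const Bytes& m, size_t off, std::string& out, size_t& next) {
    for (int hops = 0; off < m.size();) {
        uint8_t c = m[off];
        if (c == 0) { if (hops == 0) next = off + 1; return true; }
        if ((c & 0xC0) == 0xC0) {                  // compression pointer
            if (off + 1 >= m.size() || hops >= 16) return false;  // cap pointer loops
            if (hops++ == 0) next = off + 2;       // record resumes after first pointer
            off = (size_t(c & 0x3F) << 8) | m[off + 1];
        } else {
            if (c > 63 || off + 1 + c > m.size()) return false;   // illegal or truncated
            if (!out.empty()) out += '.';
            out.append(m.begin() + off + 1, m.begin() + off + 1 + c);
            off += 1 + size_t(c);
        }
    }
    return false;                                  // no terminating 0 byte
}
// Skip the questions, then collect MX (type 15) answers; false = malformed reply.
bool parseMX(const Bytes& m, std::vector<MX>& mx) {
    int qd = rd16(m, 4), an = rd16(m, 6);
    if (m.size() < 12 || qd < 0 || an < 0) return false;
    size_t off = 12, next = 0;
    for (std::string q; qd > 0; --qd, off = next + 4, q.clear())
        if (!readName(m, off, q, next)) return false;
    for (std::string n, host; an > 0; --an, n.clear(), host.clear()) {
        if (!readName(m, off, n, next)) return false;
        int type = rd16(m, next), rdlen = rd16(m, next + 8);
        size_t rdata = next + 10;                  // past type, class, TTL, RDLENGTH
        if (type < 0 || rdlen < 0 || rdata + size_t(rdlen) > m.size()) return false;
        off = rdata + size_t(rdlen);
        if (type != 15) continue;
        if (rdlen < 3 || !readName(m, rdata + 2, host, next)) return false;
        mx.push_back({rd16(m, rdata), host});
    }
    return true;
}
// Constructed reply for example.com; both MX names end in a pointer to offset 12.
const Bytes kSampleReply = {0x12,0x34,0x81,0x80,0,1,0,2,0,0,0,0,      // header: 1 question, 2 answers
    7,'e','x','a','m','p','l','e',3,'c','o','m',0, 0,15,0,1,            // question: MX, class 1
    0xC0,12, 0,15,0,1,0,0,14,16, 0,9, 0,10, 4,'m','a','i','l',0xC0,12,  // preference 10
    0xC0,12, 0,15,0,1,0,0,14,16, 0,8, 0,20, 3,'m','x','2',0xC0,12};     // preference 20
```

Calling parseMX(kSampleReply, mx) fills mx with the two servers; a reply with an out-of-range count, a looping pointer, or a length field that overruns the datagram makes it return false.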

Once ParseReplyMX returns true, the CMXLookup user can optionally call the Sort method, which selection-sorts the MX server details in order of decreasing priority. The method uses a private method, SetMXServerDetails, to update the entries internally. To get the number of servers enumerated for a domain, one calls the GetMXCount method, which returns the count as an integer. To get the details of a particular server, the client calls the GetMXServerDetails method, passing it a reference to an MXInfo structure, which is local to the caller, and an index value pointing to the server, which lies between 1 and the value returned by GetMXCount.

So that is all there is to the enumeration of MX servers. SMTP servers rely on this enumeration to deliver mail to the right mail server for a given e-mail domain. Of course, delivery should always be attempted in order of decreasing priority of the MX servers. All that the MTA has to do is establish a TCP connection on port 25 of the MX server and transfer the mail to it. One may also use MX server enumeration to check whether a given e-mail domain is valid and accessible across the Internet. If no servers come up in the enumeration, then the domain isn’t accessible or doesn’t exist.

Kumar Gaurav Khanna runs www.wintoolzone.com
