The dnslookup router looks up the hosts that handle mail for the given domain in the DNS. A transport must always be set for this router, unless verify_only is set.
MX records are looked up first, followed by address records if no MX records are found, unless the domain matches mx_domains. MX records of equal priority are sorted by Exim into a random order. Unless they have the highest priority (lowest MX value), MX records that point to the local host, or to any host name that matches hosts_treat_as_local, are discarded, together with any other MX records of equal or lower priority.
If the host pointed to by the highest priority MX record, or looked up as an address record, is the local host, or matches hosts_treat_as_local, what happens is controlled by the generic self option.
There are a number of private options that can be used to vary the way the DNS lookup is handled.
If this option is set, the router declines unless the local host is found in (and removed from) the list of hosts obtained by MX lookup. This can be used to process domains for which the local host is a secondary mail exchanger differently to other domains.
A domain which matches mx_domains is required to have an MX record in order to be recognised. For example, if all the mail hosts in fict.example are known to have MX records, except for those in discworld.fict.example, you could use this setting:
mx_domains = ! *.discworld.fict.example : *.fict.example
This specifies that messages addressed to a domain that matches the list but has no MX record should be bounced immediately instead of being routed using the address record.
When this option is true, the resolver option RES_DEFNAMES is set for DNS lookups. Typically, but not standardly, this causes the resolver to qualify single-component names with the default domain. For example, on a machine called dictionary.ref.example, the domain thesaurus would be changed to thesaurus.ref.example inside the resolver. For details of what your resolver actually does, consult your man pages for resolver and resolv.conf.
If the domain name in the address that is being processed is not fully qualified, it may be expanded to its full form by a DNS lookup. For example, if an address is specified as dormouse@teaparty, the domain might be expanded to teaparty.wonderland.fict.example. Domain expansion can also occur as a result of setting the widen_domains option. If rewrite_headers is true, all occurrences of the abbreviated domain name in any Bcc:, Cc:, From:, Reply-to:, Sender:, and To: header lines of the message are rewritten with the full domain name.
This option should be turned off only when it is known that no message is ever going to be sent outside an environment where the abbreviation makes sense.
When an MX record is looked up in the DNS and matches a wildcard record, name servers normally return a record containing the name that has been looked up, making it impossible to detect whether a wildcard was present or not. However, some name servers have recently been seen to return the wildcard entry. If the name returned by a DNS lookup begins with an asterisk, it is not used for header rewriting.
Addresses with the same domain are normally routed by the dnslookup router to the same list of hosts. However, this cannot be presumed, because the router options and pre~con~ditions may refer to the local part of the address. By default, therefore, Exim routes each address in a message independently. DNS servers run caches, so repeated DNS lookups are not normally expensive, and in any case, personal messages rarely have more than a few recipients.
If you are running mailing lists with large numbers of subscribers at the same domain, and you are using a dnslookup router which is independent of the local part, you can set same_domain_copy_routing to bypass repeated DNS lookups for identical domains in one message. In this case, when dnslookup routes an address to a remote transport, any other unrouted addresses in the message that have the same domain are automatically given the same routing without processing them independently. However, this is only done if headers_add and headers_remove are unset, and the router does not ``widen'' the domain.
When this option is true, the resolver option RES_DNSRCH is set for DNS lookups. This is different from the qualify_single option in that it applies to domains containing dots. Typically, but not standardly, it causes the resolver to search for the name in the current domain and in parent domains. For example, on a machine in the fict.example domain, if looking up teaparty.wonderland failed, the resolver would try teaparty.wonderland.fict.example. For details of what your resolver actually does, consult your man pages for resolver and resolv.conf.
Setting this option true can cause problems in domains that have a wildcard MX record, because any domain that does not have its own MX record matches the local wildcard.
If a DNS lookup fails and this option is set, each of its strings in turn is added onto the end of the domain, and the lookup is tried again. For example, if
widen_domains = fict.example:ref.example
is set and a lookup of klingon.dictionary fails, klingon.dictionary.fict.example is looked up, and if this fails, klingon.dictionary.ref.example is tried. Note that the qualify_single and search_parents options can cause some widening to be undertaken inside the DNS resolver.