Skip to content

Comments

fix: use lax IDNA profile to support underscores in domains#145

Merged
natesales merged 1 commit intonatesales:mainfrom
racpast:fix/idna-underscore
Dec 8, 2025
Merged

fix: use lax IDNA profile to support underscores in domains#145
natesales merged 1 commit intonatesales:mainfrom
racpast:fix/idna-underscore

Conversation

@racpast
Copy link
Contributor

@racpast racpast commented Dec 8, 2025
edited by cubic-dev-ai bot
Loading

Description

This PR fixes an issue where domains containing underscores (e.g. _smtp._tls.example.com) were being incorrectly rewritten by the previous strings.ReplaceAll hack.

Instead of manual string manipulation, this change switches to the standard golang.org/x/net/idna library with a custom profile (StrictDomainName(false)). This disables STD3 ASCII rules, correctly allowing non-LDH characters like underscores (valid in DNS records) while ensuring proper Punycode conversion for internationalized domains.

Changes

  • Removed the strings.ReplaceAll workaround.
  • Implemented idna normalization with StrictDomainName(false) to support valid DNS query names as used in SRV, TXT, and DMARC records.

Verification

Verified with the following cases:

D:\q>go run . @1.1.1.1 txt _smtp._tls.mailhardener.com
_smtp._tls.mailhardener.com. 5m TXT "v=TLSRPTv1; rua=mailto:c7077f80@in.mailhardener.com,https://tlsrpt.mailhardener.com/c7077f80"

D:\q>go run . _test.你好.com @1.1.1.1
_test.xn--6qq79v.com. 3h59m59s A 64.190.63.222
_test.xn--6qq79v.com. 24h NS ns1.sedoparking.com.
_test.xn--6qq79v.com. 24h NS ns2.sedoparking.com.
_test.xn--6qq79v.com. 1h MX 0 localhost.
_test.xn--6qq79v.com. 1h TXT "v=spf1 -all"

D:\q>go run . _dmarc.example_com._d.example.com. @1.1.1.1 --verbose
DEBU Name: _dmarc.example_com._d.example.com.
DEBU RR types: [NS MX TXT CNAME A AAAA]
DEBU Server(s): [1.1.1.1]
DEBU Using server 1.1.1.1:53 with transport plain
DEBU Using UDP with TCP fallback: 1.1.1.1:53

Related Issues

Fixes #141

Summary by cubic

Switches to a lax IDNA profile to correctly allow underscores in domain labels and avoid rewriting them. Keeps proper Punycode conversion for internationalized domains.

  • Bug Fixes
    • Replaced the underscore ReplaceAll hack with idna.New(MapForLookup, StrictDomainName(false)).
    • Accepts underscores in DNS query names (e.g., SRV, TXT, DMARC).
    • Prevents incorrect rewriting of names like _smtp._tls.example.com.

Written for commit 01e44c9. Summary will update automatically on new commits.

cubic-dev-ai[bot]
cubic-dev-ai bot reviewed Dec 8, 2025
View reviewed changes
Copy link

@cubic-dev-ai cubic-dev-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 1 file

@natesales natesales merged commit 9e273f6 into natesales:main Dec 8, 2025
3 checks passed
@racpast racpast deleted the fix/idna-underscore branch December 10, 2025 09:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cannot query domain _smtp._tls for domains

2 participants

@racpast @natesales