So, you found some pre-existing rules, used them as cover for your problem, and now that your ~problem is fixed the pre-existing rules shouldn't matter to anybody anymore? Come on now, isn't it slightly possible that those rules were pre-existing for reasons that have nothing to do with you?
here's the stretchy part that makes me want to undo what was done. gethostbyname() knows it's dealing with hostnames. also gethostbyaddr() and the modern equivilents (getaddrinfo/getnameinfo/whatever). also, these library calls can get their host name/address data from sources other than dns. it is in my view perfectly reasonable for these library calls to demand RFC952-compliance, or compliance with a later specification for "host" names, if there ever is such. however, inside BIND4 named.boot and BIND8/BIND9 named.conf you will find that the server is capable of enforcing hostname (RFC952) and mailname (RFC821) rules on DNS data like "owner of A RRset" or "owner or target of MX RRset", on the very stretchy supposition that these names, because they are being used as part of A-RR or MX-RR sets, must be getting used as "hostnames" or "mailnames". that might often be the case, or always-to-date be the case, but it ain't NECESSARILY the case. putting these checks in for master zones, slave zones, and response data was a significant over-reach on my part. THAT is what i'm apologizing for here. (and THAT is what CERT had asked me to do, since changing gethostbyaddr() would not, by itself, have protected Sendmail from newlines in its qf* files.)
... I'm glad you fixed your problem, but really, this isn't about DNS, it is about universal representation of hostnames despite the media that is used to convey those names.
and i'd agree if you said "logic that's meant to support hostnames/mailnames ought to enforce the known rules about those names." by which i'd be thinking of the library calls gethostbyname(), gethostbyaddr(), and so on. and by which i would expressly not be referring to anything in the DNS. just because you own an A RR doesn't make you a hostname. just because you're pointed to by an MX RR doesn't make you a mailname. (what a relief to finally be able to say that.) -- Paul Vixie