"When a domain name associated with an MX RR is looked up and the associated
data field obtained, the data field of that response MUST contain a domain
name. That domain name, when queried, MUST return at least one address
record (e.g., A or AAAA RR) that gives the IP address of the SMTP server to
which the message should be directed."
Correct. And when a that domain name is a CNAME pointing to an A RR the
query returns not only the alias but also the real name and the IP address
from the A RR. Thus meeting the requirements to "return at least one
address record (e.t., A or AAAA RR)". But yet ISC seems to find it
necessary to throw a message that it is "illegal", when it clearly is not.
----- Original Message -----
From: "SM" <s...@resistor.net>
To: <bind-users@lists.isc.org>
Sent: Sunday, January 25, 2009 12:23 AM
Subject: Re: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT
"Illegal"
At 22:11 24-01-2009, Al Stu wrote:
Some people seem to think RFC 974 creates a standard which prohibits the
use of CNAME/alias in MX records. But very much to the contrary RFC 974
demonstrates that CNAME/alias is permitted in MX records.
RFC 974 is obsoleted by RFC 2821; the latter is obsoleted by RFC 5321.
Quoting Section 5 of that RFC:
"When a domain name associated with an MX RR is looked up and the
associated data field obtained, the data field of that response MUST
contain a domain name. That domain name, when queried, MUST return
at least one address record (e.g., A or AAAA RR) that gives the IP
address of the SMTP server to which the message should be directed.
Any other response, specifically including a value that will return a
CNAME record when queried, lies outside the scope of this Standard.
The prohibition on labels in the data that resolve to CNAMEs is
discussed in more detail in RFC 2181, Section 10.3."
ISC's message that a CNAME/alias in an MX record is illegal is incorrect
and just an attempt by ISC to get people to go along with what is only a
perceived rather than actual standard/requirement, and should be removed
so as not to further the fallacy of this perceived perception of a
standard/requirement, as it is neither a standard nor a requirement, and
certainly not illegal.
Pointing to a CNAME on the right-hand side of an MX record is incorrect
and may affect mail delivery. This is not about perceived perception of a
requirement (see the MUST return at least one address record in the quoted
text).
Regards,
-sm
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
