Al Stu wrote:
> So within the zone SMTP requirements are in fact met when the
> MX RR is a CNAME.
You might argue the line of it being OK when additional processing
includes an A record.

"Be conservative in what you send" means that fewer problems are
likely from reasonable compliance with standards and not trying
every complicated or edge case that might be read into standards.
Section 5.1 of RFC5321:
 Any other response, specifically including a value that will
 return a CNAME record when queried, lies outside the scope of
 this Standard. The prohibition on labels in the data that
 resolve to CNAMEs is discussed in more detail in RFC 2181,
 Section 10.3 [38].

So if you choose to have MXs with an <exchange> field being a
CNAME, don't complain if that results in some problems
for email delivery.

> So there is no need to prevent this nor to label it as "illegal".
"not compliant with RFC5321/5.1" would have been more explicit.
Maybe the ARM could list compliance messages along with references
to relevant standards and/or examples?

Possible courses of action
 * disable the check-mx-cname in your config
 * discussions about correct behaviour and standards compliance
   might be better taken up on the namedroppers list
 * try to prevent RFC5321 from advancing to Standard status
   while CNAMEs are specifically excluded by the document


*plonk*

_______________________________________________
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
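
An added example, not part of the original post and not BIND's own code: a small Python check that reports MX records whose exchange name owns a CNAME in the same zone, the case the quoted RFC 5321 Section 5.1 text places outside the standard. The simplified record format (absolute names, one record per line) and all names and addresses in `ZONE` are constructed assumptions.

```python
# Constructed sample zone data (documentation names and addresses only).
ZONE = """\
example.com.       IN MX    10 mail.example.com.   ; exchange is a CNAME
example.com.       IN MX    20 mx2.example.com.    ; exchange has an A record
mail.example.com.  IN CNAME host1.example.com.
host1.example.com. IN A     192.0.2.10
mx2.example.com.   IN A     192.0.2.20
"""

CLASSES = {"IN", "CH", "HS"}


def parse_records(text):
    """Parse simplified 'owner [ttl] [class] type rdata...' lines."""
    records = []
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()      # drop comments
        if not line:
            continue
        fields = line.split()
        owner, rest = fields[0].lower(), fields[1:]
        # Skip the optional TTL and class that precede the record type.
        while rest and (rest[0].isdigit() or rest[0].upper() in CLASSES):
            rest = rest[1:]
        if len(rest) >= 2:
            records.append((owner, rest[0].upper(), rest[1:]))
    return records


def mx_cname_findings(text):
    """Return (owner, preference, exchange, cname_target) for each MX
    whose exchange name is the owner of a CNAME record in the zone."""
    records = parse_records(text)
    cnames = {o: rd[0].lower() for o, t, rd in records if t == "CNAME"}
    findings = []
    for owner, rtype, rdata in records:
        if rtype == "MX" and len(rdata) >= 2:
            exchange = rdata[1].lower()
            if exchange in cnames:
                findings.append((owner, int(rdata[0]), exchange, cnames[exchange]))
    return findings


if __name__ == "__main__":
    for owner, pref, exch, target in mx_cname_findings(ZONE):
        print(f"{owner} MX {pref} {exch}: exchange is a CNAME -> {target} "
              "(not compliant with RFC 5321 section 5.1)")
```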