In message <4b284376.3000...@mail-abuse.org>, Douglas Otis writes: > On 12/15/09 8:06 AM, Andy Davidson wrote: > > Eric J Esslinger wrote: > >> I have a domain that exists solely to cname A records to another domain's > websites. > > [...] > >> I found a reference to a null MX proposal, constructed so: > >> example.com IN MX 0 . > > [...] > >> Question: Is this a valid dns construct or did the proposal die? > > > > It's "valid", but you will probably find people still try to spam to > > machines on the A records, and all of the other weird and wonderful things > > that spambots try to do to find a path that will deliver mail... > > SRV records documented the hostname "." as representing "no service". > However, errors made by non-RFC-compliant clients still generate a fair > amount of root traffic attempting to resolve A records for ".". The MX > record never defined a hostname "." to mean "no service" so it would be > unwise to expect email clients will interpret this as a special case > meaning "no service" as well. One might instead consider using: > > example.com. IN MX 0 192.0.2.0 > IN MX 10 192.0.2.1 > ... > IN MX 90 192.0.2.9
Which will expand to: example.com. IN MX 0 192.0.2.0.example.com. IN MX 10 192.0.2.1.example.com. .... IN MX 90 192.0.2.9.example.com. MX records DO NOT take IP addresses. > where 192.0.2.0/24 represents a TEST-NET block. > > This should ensure traffic will not hit the roots or your servers. > Assuming a sender tries all of MX addresses listed, they may still > attempt to resolve A records for example.com. This MX approach will > affect those failing to validate email prior to acceptance, and, of > course, spammers. > > -Doug -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: ma...@isc.org