On 2024-11-04 at 07:23:37 UTC-0500 (Mon, 04 Nov 2024 20:23:37 +0800)
Adriel via Postfix-users <adriel@myemail.click>
is rumored to have said:
Hello
say i have a subdomain sub.xyz.com.
if I make a CNAME as,
sub.xyz.com CNAME to xyz.net
and, xyz.net has its own MX and SPF records.
my question is, for this DNS setup, will sub.xyz.com uses MX and SPF
of xyz.net for its mail hosting?
Yes.
But why do that instead of just adding a MX for sub.xyz.com? The CNAME
is just an extra DNS query for anyone trying to send mail to addresses
in that domain.
There is also a risk with some MTAs (most notably Sendmail) that using
the CNAME instead of a simple MX will result in address rewriting in
headers which can break things like DKIM. This is based on the formal
meaning of CNAME: a *canonical* name which can always be used instead of
the queried name.
for example, when external users write to u...@sub.xyz.com, the
messages will route to xyz.net's MX server. And, when u...@sub.xyz.com
deliver message out, the peer MTA will use xyz.net's SPF for
validation. Am I right?
Yes.
You can get the same behavior with a real MX record and a TXT SPF record
for sub.xyz.com that has "include:xyz.net -all" as part or all of the
record.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo@toad.social and many *@billmail.scconsult.com
addresses)
Not Currently Available For Hire
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
