Ron Wheeler wrote: > The MX record has to point to an A or CNAME that maps to the actual machine > where your main service (Postfix) runs.
IIRC the MX should not point to a CNAME as target host to make proper loop detection work. Or am I wrong? See https://tools.ietf.org/html/rfc5321#section-5.1: 5.1. Locating the Target Host [..] When a domain name associated with an MX RR is looked up and the associated data field obtained, the data field of that response MUST contain a domain name. That domain name, when queried, MUST return at least one address record (e.g., A or AAAA RR) that gives the IP address of the SMTP server to which the message should be directed. Any other response, specifically including a value that will return a CNAME record when queried, lies outside the scope of this Standard. The prohibition on labels in the data that resolve to CNAMEs is discussed in more detail in RFC 2181, Section 10.3 [38]. This references https://tools.ietf.org/html/rfc2181#section-10.3 10.3. MX and NS records The domain name used as the value of a NS resource record, or part of the value of a MX resource record must not be an alias. Not only is the specification clear on this point, but using an alias in either of these positions neither works as well as might be hoped, nor well fulfills the ambition that may have led to this approach. [..] Ciao, Michael.
smime.p7s
Description: S/MIME Cryptographic Signature