Hey Bill, On 16.03.19 18:37, Bill Cole wrote:
>>> You MTA is known under different names: >>> >>>> johannes-bauer.com mail is handled by 10 johannes-bauer.com. >>>> spornkuller.de mail is handled by 10 spornkuller.de. >> >> Is this a problem? > > It should not be. There are no CNAMEs involved, so no room for obvious > failure modes. Yup, I knew about the CNAME issue, therefore refering to an entry that has an actual A record. >> In other words, should I refer to the MTA always >> under the same name, i.e., have the MX record of johannes-bauer.com >> point to spornkuller.de? If this is somehow an issue I definitely >> overlooked it. > > That really shouldn't matter. Just never point an MX at a name that is > resolved via a CNAME. > > However, using multiple names for a mail server is generally pointless > beyond satisfying human urges. Some might call it "branding" or > "narcissism" or "nominalism." Nah, I really don't care about the name in a DNS record -- no narcissism here :) There is a technical reason for the MX entries always pointing to their own domains (which then point all to the same IP): Previously, some of these ran their own MTAs and were hosted on different hosts before I consolidated them. I simply had not had to (and haven't) changed anything in DNS. > It is simplest to just use one name for the server and have the PTR for > the IP and the MX for each domain it serves point to that name. In > Postfix that is set by smtp_helo_name, which defaults to $myhostname. Yes, think I'll change that in the future so the FQDNs of the MX and the indicated smtp_helo_name match up. Right now they don't (except of course for spornkuller.de). >> My best guess is that I was testing something and had it half-configured >> or whatever. I'm fairly sure that it was previously disclosing full >> version numbers > > Which is really quite harmless. Humor me as paranoid, I work in IT security. Postfix has an excellent security track record, but no need to share any info that only benefits a potential attacker in my opinion. Thanks for your support, All the best, Joe
