On Tuesday 18 May 2004 16:30, Matthew D. Fuller wrote: > On Tue, May 18, 2004 at 07:23:52AM -0700 I heard the voice of > > Randy Bush, and lo! it spake thus: > > >> RFC974 says: > > >> There is one other special case. If the response contains an > > >> answer which is a CNAME RR, it indicates that REMOTE is actually > > >> an alias for some other domain name. The query should be repeated > > >> with the canonical domain name. > > > > > > That covers the intial lookup, meaning that a CNAME pointing to an MX > > > is legal. > > > > no. it means an MX referring to a CNAME which resolves to an A > > Not by my reading. > > The first step for the mailer at LOCAL is to issue a query for MX > RRs for REMOTE. > > [...] > > If the response contains an answer which is a CNAME RR, it > indicates that REMOTE is actually an alias for some other domain > name. The query should be repeated with the canonical domain name. > > which covers the case: > > foo IN CNAME bar > bar IN MX 10 mail > mail IN A 127.0.0.1 > > > not the case: > > foo IN MX 10 bar > bar IN CNAME mail > > ---------------- > > But, as I came across in a completely seperate quest (today is Bizarre > Coincidence Day, boys and girls!), see RFC2181 §10.3: > > The domain name used as the value of a NS resource record, or part > of the value of a MX resource record must not be an alias. > > Of course, 2181 is a _Proposed_ Standard, for whatever value you may > choose to assign to that classification. I found this in rfc 974 under 'Minor Special Issues' [...] Note that the algorithm to delete irrelevant RRs breaks if LOCAL has a alias and the alias is listed in the MX records for REMOTE. (E.g. REMOTE has an MX of ALIAS, where ALIAS has a CNAME of LOCAL). This can be avoided if aliases are never used in the data section of MX RRs. [...] Does it describe a situation like this? IN NS ns.sample.org. IN MX 10 mail foo IN A 192.168.1.1 ns IN CNAME foo mail IN CNAME foo -- Christian Hiris <4711_at_chello.at> | OpenPGP KeyID 0x941B6B0B OpenPGP-Key at hkp://wwwkeys.eu.pgp.net and http://pgp.mit.edu
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:54 UTC