[dns-operations] Can MX be working with CNAME?

Jeroen Massar jeroen at massar.ch
Mon Oct 21 14:52:35 UTC 2013


On 2013-10-21 16:26 , Chris Adams wrote:
> Once upon a time, Jo Rhett <jrhett at netconsonance.com> said:
>> On Oct 21, 2013, at 4:37 AM, Tony Finch <dot at dotat.at> wrote:
>>> MX pointing to CNAME probably will work.
>>
>> Not in my experience. Not with either sendmail or postfix.
> 
> I've (unfortunately) seen many domains set up MX->CNAME->A, and sendmail
> and postfix both delivered to them just fine.

If lucky it works indeed, but it is quite likely that you then just hit
a sendmail site that has:

http://www.sendmail.com/sm/open_source/docs/m4/tweaking_config.html
8<----------
confDONT_EXPAND_CNAMES
DontExpandCnames

[False] If set, $[ ... $] lookups that do DNS based lookups do not
expand CNAME records. This currently violates the published standards,
but the IETF seems to be moving toward legalizing this. For example, if
"FTP.Foo.ORG" is a CNAME for "Cruft.Foo.ORG", then with this option set
a lookup of "FTP" will return "FTP.Foo.ORG"; if clear it returns
"Cruft.FOO.ORG". N.B. you may not see any effect until your downstream
neighbors stop doing CNAME lookups as well.
---------------->8

Note that the default is FALSE, hence that unless tweaked this is not
happening and you will see the effect as described.

Note also the "N.B." there, everybody has to do this. As that won't
happen the feature is pretty useless as it cannot be relied upon.

I'll also add the following from djb to this thread:
  http://cr.yp.to/im/cname.html

Greets,
 Jeroen




More information about the dns-operations mailing list