[dns-operations] Curious use of cname

Mark Andrews marka at isc.org
Mon Aug 11 01:48:33 UTC 2014 

In message <53E6B826.3000204 at mail2000.us>, Yonghua Peng writes:
> 
> >     mail.china.com. IN MX 10 mx-mail-china-com.icoremail.net.
> 
> 
> Even if they have setup this, but the DNS clients never have the chance
> to get the correct MX but always get a CNAME answer. Am I right?

It would be a alternative to a CNAME.

You you are publishing email addresses as user at domain then there
really should be a MX record at domain.  There really doesn't need
to be a double level of indirection.

Today you get:

;; ANSWER SECTION:
mail.china.com.		500	IN	CNAME	mail.china.com.cachecn.com.
mail.china.com.cachecn.com. 201	IN	MX	10 mx-mail-china-com.icoremail.net.

A better cleaner setup would be:
;; ANSWER SECTION:
mail.china.com.		500	IN	10 mx-mail-china-com.icoremail.net.

I suspect that almost all of the presure to change the CNAME behaviour
for MX records came about because people abused CNAME for HTTP.  It
has never been hard to add new record types to the DNS.  People
just thought it was hard so they never started the process.  As a
result SMTP behaviour was changed rather than the simple thing of
adding a record for HTTP to the DNS.

You end up with stupid sets of records like these because people
wern't willing to do the little bit of effort to actually get a
clean setup.

> $ dig mail.china.com mx @ns-bgp.china.com
> 
> ; <<>> DiG 9.8.1-P1 <<>> mail.china.com mx @ns-bgp.china.com
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23565
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
> ;; WARNING: recursion requested but not available
> 
> ;; QUESTION SECTION:
> ;mail.china.com.                        IN      MX
> 
> ;; ANSWER SECTION:
> mail.china.com.         500     IN      CNAME   mail.china.com.cachecn.com.
> 
> ;; Query time: 75 msec
> ;; SERVER: 124.248.35.12#53(124.248.35.12)
> ;; WHEN: Mon Aug 11 09:24:44 2014
> ;; MSG SIZE  rcvd: 69
> 
> 
> As you see, I queried for MX but got a CNAME. Thanks.
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list