secondary MX (was Re: [TriLUG] co-lo or at home?)

Mike Broome mbroome at employees.org
Fri Mar 29 13:43:54 EST 2002 

On Fri, Mar 29, 2002 at 12:26:26PM -0500, Tanner Lovelace wrote:
> On Fri, 2002-03-29 at 11:22, Mike Broome wrote:
>  
> > Can you point to a reference for that?  
> 
> Sure.  RFC1034, section 3.6.2 and RFC1912 section 2.4.  Here's the
> quote from the first one:
> 
>    The domain system provides such a feature using the canonical name
>    (CNAME) RR.  A CNAME RR identifies its owner name as an alias, and
>    specifies the corresponding canonical name in the RDATA section of
>    the RR.  If a CNAME RR is present at a node, no other data should be
>    present; this ensures that the data for a canonical name and its  
>    aliases cannot be different.  This rule also insures that a cached
>    CNAME can be used without checking with an authoritative server for
>    other RR types.
> 
> Notice the part "If a CNAME RR is present at a node [i.e. a domain
> name], no other data should be present;"
> 
> Here is the quote from RFC1912:
> 
>    A CNAME record is not allowed to coexist with any other data.  In
>    other words, if suzy.podunk.xx is an alias for sue.podunk.xx, you
>    can't also have an MX record for suzy.podunk.edu, or an A record, or
>    even a TXT record.
> 
> The reasoning behind this is illustrated in the last sentence of the
> first quote I provided.  I think, however, that for cases like yours
> it's probably okay, but you should be aware of this.  If you wanted to
> be *completely* inside the specification, you would probably need to
> point your MX record at the A record of your dynamically provided
> DNS.
> 
> > I also googled around a little and nothing jumped out at me about
> > avoiding having a CNAME for an MX record.  (But since there are a
> > gazillion hits for CNAME and MX record, I could have easily missed it.)
> > 
> I did "MX CNAME problems" and found the reference on the 3rd hit. YMMV.
> (Just so you know, this was the URL I found the reference in:
> http://www.rscott.org/dns/cname.html)

Right.  Maybe I don't understand DNS records (RR) correctly, but I don't
think we are doing what's described in the sections above in the case of
how the DNS for 1000plus.com is setup.  The MX record info is part of
the RR for "1000plus.com", and the MX record points to mx.1000plus.com.
(I think the RR for 1000plus.com is an SOA record, but I'm not certain.)
The RR for mx.1000plus.com is a CNAME that points to 1000plus.dyndns.org
but contains no other data.  The RR for 1000plus.dyndns.org is an A
record -- maintained by dyndns.org -- which gives the IP address.  Have
I misunderstood which record is which and how they fit together?

Your point (in reply to James) about mx.1000plus.com needing to accept
mail for 1000plus.com and 1000plus.dyndns.org is true.  (And it does.)

Mike

-- 
Mike Broome
mbroome(at)employees.org

More information about the TriLUG mailing list