Wildcards in MX Record Domain Names
Joseph S D Yao
jsdy at cospo.osis.gov
Fri Dec 17 03:39:54 UTC 1999
On Wed, Dec 15, 1999 at 07:44:46PM -0500, Kevin Darcy wrote:
> Joseph S D Yao wrote:
>
> > On Fri, Dec 10, 1999 at 11:16:40AM -0500, Robert Setterlund wrote:
> > > Are the below MX records supported in Bind 8.X?
> > >
> > > *.org IN MX 10 firewallrelay.mayo.org
> > > *.gov IN MX 10 firewallrelay.mayo.org
> > > *. IN MX 10 firewallrelay.mayo.org
> >
> > Yes. But this is probably not the right way of doing this. You should
> > really put a relay host into your sendmail.cf file, to send all
> > non-local e-mail to your firewall.
>
> Why? Is it easier to custom-configure dozens or hundreds of sendmail.cf's
> than it is one master file on an internal root server? ...
This response assumes that in a network it is easier to configure DNS
properly all over than it is to configure sendmail all over. Mine
assumed the opposite. Different experiences.
Both have the same goal: to get the internal mail servers to send
"non-local" [for some definition of "non-local"] e-mail to the firewall
for relaying to the Big Bad Internet.
The "better" one would be whichever one better fits the "truth". It's
always easier to maintain a consistent story if you're telling the
truth. ;-) And, "Say What You Mean" is Joe's First Law of Software
Engineering. My first impression was that the MX trick, above, violated
this. But within its domain, as Kevin has pointed out, it does NOT. It
is true.
I will continue to use my sendmail configuration, since it suits my
needs better. [Everybody thinks they can meddle with DNS at their whim.
Everybody is afraid to touch sendmail.cf. ;-)] I do note that one
advantage to the MX solution is that one can specify failover firewalls
with that, but not with the sendmail relay.
--
Joe Yao jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.
More information about the bind-users
mailing list