BIND vs. sendmail problem

Barry Margolin barmar at genuity.net
Wed May 17 18:56:46 UTC 2000 

In article <4.1.20000517121734.00a2e100 at pop.sonictech.com>,
Michael Kohne  <mhkohne at discordia.org> wrote:
>I'm trying to debug a BIND vs. Sendmail problem for the office. If it were
>just inter-office e-mail, I'd probably not bother to push these folks into
>fixing their stuff, but as it seems to affect our customers as well, I feel
>I'm forced to act. 
>
>The problem manifests as a nameserver timeout to sendmail. 
>
><xxxxx at xxxxx.xxx>... Deferred: Name server: xxxxx.xxx.: host name lookup
>failure
>
>Things I've checked and had them fix:
>Their NS records were previously pretty screwed up. Some of the servers
>didn't answer DNS, some didn't claim authority. This is all fixed now, and
>I just checked - it all matches the NIC registry as well.
>
>Now, the only odd thing that I can see that is odd about their setup at the
>moment is their MX record. 
>
>Results of some tests:
>nslookup xxxxx.xxx 	works and gives the correct address
>
>nslookup -type=mx xxxxx.xxx   fails with '*** localhost can't find
>nanoose.com: Non-existent host/domain'
>
>dig @<their nameserver> xxxxx.xxx any
><abridged-cut out NS and SOA>
>xxxxx.xxx.            1D IN MX        5 xxxxx.xxx.
>xxxxx.xxx.            1D IN A         nnn.nnn.nnn.nnn
>
>dig xxxxx.xxx any
><only contains A and NS records>

Did you verify that dig gives the correct answer when you query *all* of
their nameservers?  Your local server may have asked a different server
than you did manually.  There might still be some fallout left from when
their other servers were screwed up.

I'd check myself, except that you left out a critical piece of information:
the actual xxxx.xxx.

>The thing I think is odd is that the MX record just points back to the same
>name. Now I know that MX records aren't supposed to point to CNAMES, but
>what about this situation? I'm thinking that it's illegal and screwing
>things up royally. A quick dig of several other domains (including other
>offices of the company, and some popular sites like yahoo) indicates that
>no one else seems to do this. 

This is perfectly normal when you want mail to be delivered to the host
that has the same name as the domain.  It would work to leave out the MX
record entirely, but that has performance drawbacks, so including the MX
record is recommended.

>Secondly, is there a list of 'MX' rules that will tell me what's legal and
>what's not?

For full details, see RFC 974 "Mail routing and the domain system".  But
simplified, here are the rules:

Rule 1: MX must point to a name that has an A record; it can't point to an
IP address, and it shouldn't point to a CNAME record.

Rule 2: The name that an MX record points to must recognize that name as
referring to itself (to prevent mail loops).

-- 
Barry Margolin, barmar at genuity.net
Genuity, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

More information about the bind-users mailing list