BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT "Illegal"

Matthew Pounsett matt at conundrum.com
Sun Jan 25 17:49:04 UTC 2009


On 25-Jan-2009, at 12:41 , Al Stu wrote:

> "That domain name, when queried, MUST return at least one address  
> record (e.g., A or AAAA RR) that gives the IP address of the SMTP  
> server to which the message should be directed."
>
> @ 1800 IN A 1.2.3.4
> srv1 1800 IN A 1.2.3.4
> mx 1800 IN CNAME blah.xyz.com.
> @ 1800 IN MX 1 mx.xyz.com.
>
> Requirements met.

In the example above, when I query for "IN A mx.xyz.com?" I do not get  
an address record back (A, AAAA)... instead I get a CNAME record.  
Requirements NOT met.

I don't see the connection to srv1.  Did you mean for "mx 1800 IN  
CNAME blah.xyz.com." to be "mx 1800 IN CNAME srv1.xyz.com."?  That  
still doesn't meet requirements, because the record returned there as  
the ANSWER is a CNAME, not an A or AAAA record.  I think you might be  
confusing the ADDITIONAL section of a DNS message with the ANSWER  
section.  They are not the same thing.
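
Added example, not part of the original message and not BIND code: a small zone lint in Python that reports, for each MX target, whether that name itself owns an address record or a CNAME, run over the four records quoted above. The origin `xyz.com.`, the function names and the simple "owner ttl IN type rdata" line format are assumptions made for the example.

```python
ORIGIN = "xyz.com."  # assumed origin for the quoted records
# Constructed input: the four records quoted in the message.
QUOTED_ZONE = """\
@ 1800 IN A 1.2.3.4
srv1 1800 IN A 1.2.3.4
mx 1800 IN CNAME blah.xyz.com.
@ 1800 IN MX 1 mx.xyz.com.
"""

def fqdn(name, origin=ORIGIN):
    """Expand a zone-file name ('@', relative or absolute) to a lower-case FQDN."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text, origin=ORIGIN):
    """Parse explicit 'owner ttl IN type rdata...' lines into (owner, type, rdata)."""
    records = []
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop comments, split on whitespace
        if len(fields) >= 5:
            owner, _ttl, _cls, rtype, *rdata = fields
            records.append((fqdn(owner, origin), rtype.upper(), rdata))
    return records

def check_mx_targets(text, origin=ORIGIN):
    """Map each MX target to 'ok', 'CNAME -> <alias target>' or a reason string."""
    records = parse_zone(text, origin)
    result = {}
    for _owner, rtype, rdata in records:
        if rtype != "MX":
            continue
        target = fqdn(rdata[1], origin)  # rdata = [preference, exchange]
        at_target = {t: rd for o, t, rd in records if o == target}
        if not ("." + target).endswith("." + origin):
            result[target] = "out of zone, not checked"
        elif "CNAME" in at_target:
            result[target] = "CNAME -> " + fqdn(at_target["CNAME"][0], origin)
        elif "A" in at_target or "AAAA" in at_target:
            result[target] = "ok"
        else:
            result[target] = "no address record"
    return result

if __name__ == "__main__":
    for target, verdict in check_mx_targets(QUOTED_ZONE).items():
        print(target, verdict)
```

The same verdict is produced when the alias is pointed at `srv1.xyz.com.` instead of `blah.xyz.com.`; only replacing the CNAME at `mx` with an address record makes the target report `ok`.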




