BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT "Illegal"
Noel Butler
noel.butler at ausics.net
Sat Jan 31 22:39:45 UTC 2009
On Sun, 2009-02-01 at 04:05, Al Stu wrote:
> The basic argument that because it can be misused, abused, criminally
> exploited, etc., it should be abolished, not permitted, and deemed "illegal"
> by a group of people who should not have that authority, even though it has
> practical and beneficial uses is absurd. By that same logic automobiles
> should also be abolished and we should all just go back to horse and buggy.
> Oh wait, those too should be abolished based on that same logic.
>
>
FFS.. piss off
> ----- Original Message -----
> From: "Michael Milligan" <milli at acmeps.com>
> To: "Al Stu" <Al_Stu at Verizon.net>
> Cc: <bind-users at lists.isc.org>
> Sent: Friday, January 30, 2009 10:20 AM
> Subject: Re: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT
> "Illegal"
>
>
> > You just don't get it. You are off wandering around in the weeds.
> >
> > Read the tail end of Chapter 5 in the book "DNS and BIND" describing the
> > MX selection algorithm in layman's terms to (perhaps) understand why
> > having MX records referencing CNAMEs is bad.
> >
> > It may work right now for you, but referencing CNAMEs in MX records
> > eventually _will_ cause delivery loops the next time you accidentally
> > fat-finger a config. If you continue to be hard-headed about this and
> > not listen to the 100s of years of collective wisdom dispensed, then go
> > ahead and leave yourself set up for a potential DoS against yourself,
> > we're not going to stop you... and we're not going to feel sorry for
> > you either.
> >
> > FIN
> >
> > Regards,
> > Mike
> >
> > Al Stu wrote:
> >> Analyze this.
> >>
> >> Query MX dns.com
> >>
> >> Response MX nullmx.domainmanager.com
> >>
> >> Query A nullmx.domainmanager.com
> >>
> >> Response CNAME mta.dewile.net, A 64.40.103.249
> >>
> >
>
> _______________________________________________
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20090201/cb203f09/attachment.html>
More information about the bind-users
mailing list