e: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT "Illegal"
bsfinkel at anl.gov
bsfinkel at anl.gov
Tue Jan 27 17:52:29 UTC 2009
Al Stu" <Al_Stu at Verizon.net> wrote:
>How about these two?
>
>> nullmx.domainmanager.com
>Non-authoritative answer:
>Name: mta.dewile.net
>Address: 69.59.189.80
>Aliases: nullmx.domainmanager.com
>
>> smtp.secureserver.net
>Non-authoritative answer:
>Name: smtp.where.secureserver.net
>Address: 208.109.80.149
>Aliases: smtp.secureserver.net
>
>There are two reasons it does not blow up in peoples face. 1) If it is in
>the CNAME RR points to an A record in the same zone, both the A record and
>the CNAME record are returned, thus meeting the A record requirement. 2)
>SMTP servers are required to accept an alias and look it up. Thus there is
>no need for this.
>
>And no it does not matter if there are multiple MX records with different
>preferences values.
You say, "both the A record and the CNAME record are returned."
We know that BIND does this. Is this part of the RFC? Do other DNS
implementation return both the "A" and the CNAME?
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory Phone: +1 (630) 252-7277
9700 South Cass Avenue Facsimile:+1 (630) 252-4601
Building 222, Room D209 Internet: BSFinkel at anl.gov
Argonne, IL 60439-4828 IBMMAIL: I1004994
More information about the bind-users
mailing list