BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT "Illegal"
Al Stu
Al_Stu at Verizon.net
Sat Jan 31 06:55:58 UTC 2009
History is fraught with individuals or a few being ridiculed for putting
forth that which goes against the conventional wisdom of the masses and so
called experts, only to be vindicated once the masses and so called experts
get their head out where the sun is shining and exposed to the light of day.
Once upon a time the world was 'flat'. For some of you, apparently is still
is 'flat'.
----- Original Message -----
From: "Michael Milligan" <milli at acmeps.com>
To: "Al Stu" <Al_Stu at Verizon.net>
Cc: <bind-users at lists.isc.org>
Sent: Friday, January 30, 2009 10:20 AM
Subject: Re: BIND 9.6 Flaw - CNAME vs. A Record in MX Records are NOT
"Illegal"
> You just don't get it. You are off wandering around in the weeds.
>
> Read the tail end of Chapter 5 in the book "DNS and BIND" describing the
> MX selection algorithm in layman's terms to (perhaps) understand why
> having MX records referencing CNAMEs is bad.
>
> It may work right now for you, but referencing CNAMEs in MX records
> eventually _will_ cause delivery loops the next time you accidentally
> fat-finger a config. If you continue to be hard-headed about this and
> not listen to the 100s of years of collective wisdom dispensed, then go
> ahead and leave yourself set up for a potential DoS against yourself,
> we're not going to stop you... and we're not going to feel sorry for
> you either.
>
> FIN
>
> Regards,
> Mike
>
> Al Stu wrote:
>> Analyze this.
>>
>> Query MX dns.com
>>
>> Response MX nullmx.domainmanager.com
>>
>> Query A nullmx.domainmanager.com
>>
>> Response CNAME mta.dewile.net, A 64.40.103.249
>>
>
More information about the bind-users
mailing list