I'm currently at odds with a few folks regarding the interpretation of
RFC 2821 and the case of MX records that resolve to CNAMEs. I'm hoping
that those here, who are authoritative when it comes to this RFC, can
shed some light.
Take the following case:
% nslookup -q=mx fleetpride.com
Non-authoritative answer:
fleetpride.com mail exchanger = 10 in.sjc.mx.trendmicro.com.
fleetpride.com mail exchanger = 20 mx-in01.mail-abuse.org.
fleetpride.com mail exchanger = 20 mx-in02.mail-abuse.org.
fleetpride.com mail exchanger = 20 mx-in03.mail-abuse.org.
Authoritative answers can be found from:
fleetpride.com nameserver = ns1-auth.sprintlink.net.
fleetpride.com nameserver = ns2-auth.sprintlink.net.
fleetpride.com nameserver = ns3-auth.sprintlink.net.
ns1-auth.sprintlink.net internet address = 206.228.179.10
ns2-auth.sprintlink.net internet address = 144.228.254.10
ns3-auth.sprintlink.net internet address = 144.228.255.10
% nslookup in.sjc.mx.trendmicro.com.
Non-authoritative answer:
in.sjc.mx.trendmicro.com canonical name =
in.mx.trendmicro-fail-over.akadns.net.
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.15
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.16
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.1
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.2
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.3
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.4
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.13
Name: in.mx.trendmicro-fail-over.akadns.net
Address: 216.99.131.14
According to RFC 2181, this is invalid. You cannot have an MX record
that resolves to a CNAME.
However, in talking to TrendMicro, they say that this syntax is
perfectly valid and that RFC 2821 overrides the MX to CNAME limitation.
The following website is their stance on this:
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1035667&i
d=EN-1035667
However, in talking to others, they say that TrendMicro is
misinterpreting the RFC. I'll admit after reading 2821, I could
interpret things both ways.
This is why I come to you folks who are responsible for this RFC. Who is
right? Is MX -> CNAME now allowed by 2821, or is TrendMicro in the
wrong?
Would it also be possible to state directly within the next revision of
the RFC where or not this RFC overrides the provision 10.3 of RFC 2181.
I don't want to leave things left to misinterpretation.
--
Trevor Paquette
Director, Information Technology and Systems
TeraGo Networks Inc.
300, 300 Manning Road NE
Calgary, Ab T2E 8K4
http://www.terago.ca <http://www.terago.ca/>
W: (403) 668-5321
C: (403) 703-8738