Re: MX to CNAME and (mis)interpretation of 2821

2008-02-23 03:34:32

Frank Ellermann wrote:
John C Klensin wrote:

the historical reason for the prohibition on names that point
to CNAME RRs in the data field of MX RR was, I believe, to
reduce the risk of looping within the DNS.

The explanation in RFC 974 is more convoluted, something about
figuring out what's LOCAL and what's REMOTE.

An MTA learns if it is part of the MX list retrieved for delivering a given message by either comparing MX names to its own canonical name or checking if an MX IP number belongs to one of its local interfaces. However, the latter method doesn't work across NATs or split DNSes. Thus, setting the canonical name in the MX records is required for reliable operation of backup MXes.

Even if backup MXes are not widely used today, I don't think it would be a good idea to ban them for good, since there are fault-tolerant functionalities that cannot be obtained otherwise. It is important to standardize this point clearly because fault tolerance is obtained by enabling backup MXes on different networks, hence likely involving different organizations. We'll need that stuff in case WAN connections were suddenly to crash quite often.
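The "am I one of the MXes?" check described in the post, as an added example that is not part of the original message or of any MTA's code. It implements the RFC 974 rule that a relaying host must drop its own MX entry and every entry of equal or higher preference before picking a target, and it shows both recognition methods the post names: matching the MX name against the host's canonical name, and matching MX addresses against local interface addresses. The host names, addresses, preference values and NAT layout are constructed for illustration; the second scenario shows the case the post warns about, a backup MX behind NAT whose canonical name is not the one in the MX RR, so neither method recognises it and it keeps itself in its own target list.

```python
"""Added example: RFC 974 / RFC 2821 local-vs-remote MX selection.

All records, names and addresses below are constructed; they are not
taken from the mailing-list post or from any real deployment.
"""
from dataclasses import dataclass
from ipaddress import ip_address
from typing import Optional, Sequence, Tuple


@dataclass(frozen=True)
class MXRecord:
    preference: int
    exchange: str                 # host name in the MX RR data field
    addresses: Tuple[str, ...]    # constructed A/AAAA answers for that name


def _norm(name: str) -> str:
    """DNS names compare case-insensitively and with or without a trailing dot."""
    return name.rstrip(".").lower()


def find_self(mx_list: Sequence[MXRecord],
              my_canonical_name: str,
              my_interfaces: Sequence[str]) -> Optional[MXRecord]:
    """Return the MX entry that denotes this host, or None.

    Method 1: the MX name equals our canonical name.  This is why the MX
    data field must hold the canonical name rather than a CNAME alias: an
    alias never matches and the host fails to recognise itself.
    Method 2: one of the MX addresses is bound to a local interface.  This
    fails behind NAT or split DNS, where the published address is not the
    one configured on any local interface.
    """
    for mx in mx_list:
        if _norm(mx.exchange) == _norm(my_canonical_name):
            return mx
    local = {ip_address(a) for a in my_interfaces}
    for mx in mx_list:
        if any(ip_address(a) in local for a in mx.addresses):
            return mx
    return None


def remaining_targets(mx_list: Sequence[MXRecord],
                      my_canonical_name: str,
                      my_interfaces: Sequence[str]) -> list:
    """RFC 974 selection: if we appear in the list, discard our own entry and
    every entry with a preference >= ours, then try the rest in ascending
    preference order.  An empty result means the message is for local
    delivery.  If we are NOT recognised, we stay in the list and may relay
    the message to ourselves, which is the loop the prohibition guards against.
    """
    me = find_self(mx_list, my_canonical_name, my_interfaces)
    if me is None:
        candidates = list(mx_list)
    else:
        candidates = [mx for mx in mx_list if mx.preference < me.preference]
    return sorted(candidates, key=lambda mx: mx.preference)


def would_relay_to_self(mx_list: Sequence[MXRecord],
                        my_canonical_name: str,
                        my_interfaces: Sequence[str]) -> bool:
    """True when the host's own public address is still among the targets it
    would deliver to, i.e. when the self-recognition in find_self failed."""
    mine = {ip_address(a) for a in my_interfaces}
    for mx in remaining_targets(mx_list, my_canonical_name, my_interfaces):
        if _norm(mx.exchange) == _norm(my_canonical_name):
            return True
        if any(ip_address(a) in mine for a in mx.addresses):
            return True
    return False


# Constructed MX set for a hypothetical domain: primary on one network,
# backup on another organisation's network, sitting behind NAT.
PRIMARY = MXRecord(10, "mail.example.net.", ("198.51.100.10",))
BACKUP = MXRecord(20, "backup.example.org.", ("203.0.113.20",))   # public address
MX_LIST = (BACKUP, PRIMARY)                                         # unsorted on purpose

if __name__ == "__main__":
    # Backup MX with a correct canonical name: recognises itself by name even
    # though its local interface (10.0.0.5) differs from the published address.
    print(remaining_targets(MX_LIST, "backup.example.org", ("10.0.0.5",)))
    # Same host, canonical name not matching the MX RR: not recognised, so it
    # keeps PRIMARY and itself as targets.
    print(remaining_targets(MX_LIST, "smtp-int.example.org", ("10.0.0.5",)))
```

The first call returns only the primary, which is the correct behaviour for a backup that is relaying a queued message forward. The second call returns both records, and the backup would eventually attempt delivery to its own public address; that is the failure the post attributes to relying on interface addresses across NAT, and the reason it asks that MX records carry the canonical name.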