Frank Ellermann wrote:
> John C Klensin wrote:
>> the historical reason for the prohibition on names that point
>> to CNAME RRs in the data field of MX RR was, I believe, to
>> reduce the risk of looping within the DNS.
>
> The explanation in RFC 974 is more convoluted, something about
> figuring out what's LOCAL and what's REMOTE.

An MTA learns if it is part of the MX-list retrieved for delivering a
given message by either comparing MX names to its own canonical name
or checking if an MX IP number belongs to one of its local interfaces.
However, the latter method doesn't work across NATs or split DNSes.
Thus, setting the canonical name in the MX records is required for
reliable operation of backup MXes.

Even if backup MXes are not widely used today, I don't think it would
be a good idea to ban them for good, since there are fault-tolerant
functionalities that cannot be obtained otherwise. It is important to
standardize this point clearly because fault tolerance is obtained by
enabling backup MXes on different networks, hence likely involving
different organizations. We'll need that stuff in case WAN connections
suddenly were to crash quite often.
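
The self-recognition step discussed in the message above, as an added Python sketch that is not part of the original thread. It applies the RFC 974 pruning rule (drop the local host and every MX at an equal or higher preference value) and shows a backup MX behind NAT failing to find itself when its MX record names an alias; the `delivery_targets` helper, host names and addresses are all constructed for illustration.

```python
# Added illustration; every name, address and record here is constructed.

def norm(name):
    """DNS names compare case-insensitively; ignore the trailing root dot."""
    return name.rstrip(".").lower()

def delivery_targets(mx_rrset, my_names, my_addrs=(), addr_of=None):
    """Prune an MX list from the point of view of one MTA.

    mx_rrset: list of (preference, exchange) tuples from the MX lookup
    my_names: canonical name(s) this MTA knows itself by
    my_addrs: addresses bound to its local interfaces (second check)
    addr_of:  exchange -> address as this MTA's resolver sees it
    Returns (exchanges it may relay to, whether it recognised itself).
    """
    mine = {norm(n) for n in my_names}
    local = set(my_addrs)
    seen = {norm(k): v for k, v in (addr_of or {}).items()}
    own_pref = None
    for pref, exch in mx_rrset:
        is_me = norm(exch) in mine or seen.get(norm(exch)) in local
        if is_me and (own_pref is None or pref < own_pref):
            own_pref = pref
    if own_pref is None:
        kept = list(mx_rrset)          # not recognised: nothing is pruned
    else:
        kept = [(p, e) for p, e in mx_rrset if p < own_pref]
    return [norm(e) for _, e in sorted(kept)], own_pref is not None

# Backup MX whose canonical name is mx.backup.example.net. It sits behind
# NAT: interface address 192.168.1.5, public address 203.0.113.25.
ME = ["mx.backup.example.net"]
CANONICAL_RRSET = [(10, "mail.example.org."), (20, "mx.backup.example.net.")]
# Same deployment, but the MX data field names a CNAME alias of the backup.
ALIAS_RRSET = [(10, "mail.example.org."), (20, "backup-mx.example.org.")]
PUBLIC_VIEW = {"backup-mx.example.org.": "203.0.113.25"}

if __name__ == "__main__":
    # Canonical name in the MX record: name comparison succeeds.
    print(delivery_targets(CANONICAL_RRSET, ME))
    # Alias in the MX record, NAT hides the address: the backup stays in
    # its own target list and will try to relay to itself when the
    # primary is unreachable.
    print(delivery_targets(ALIAS_RRSET, ME, ["192.168.1.5"], PUBLIC_VIEW))
    # Alias in the MX record, no NAT: the address check rescues it.
    print(delivery_targets(ALIAS_RRSET, ME, ["203.0.113.25"], PUBLIC_VIEW))
```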