ietf-smtp
[Top] [All Lists]

outdated thinking about domains and hosts

2008-04-01 22:38:23

Some of the arguments being put forth here about the use of AAAA records as fallback for missing MX records seem to be based on a very old and long-obsolete idea of the relationship between domain names and hosts.

Many years ago, it used to be the case that a domain name was the name of a host. More precisely, a domain name was associated with a host's IP address, and the vast majority of hosts had exactly one network interface and one IP address. In that world, it was easy to think of the host and domain and IP address as all being more-or-less pointers to the same thing.

Of course, in those days the vast majority of hosts were also multi-user timesharing computers. Hosts were expensive and because of this it was generally expected that a host would serve a community of users rather than a single user. So it was natural to think of a community of users as having a host that provided computing resources, and to associate that community with the host's domain name and an IP address. Several of the early Internet services were built around the idea of being able to remotely access a user's resources or information on a host: finger, ftp, telnet, and of course email.

The first nail in the coffin of this idea was RFC 974. The introduction of MX records broke the host=domain=address relationship because MX records allowed email to be sent to hosts that were not even connected to the Internet. More generally, MX records made it possible to create domains for use in email addresses that didn't correspond to any actual host anywhere. All that mattered was that the primary MX servers for a domain knew what to do with mail that was sent to a user at that domain.

Since then a number of things have further weakened the host=domain=address relationship:

- As the Internet grew, in order to make various services scale to handle the demand, it often became necessary to implement a service with large numbers of host that shared a single domain name - or even sharing a single IP address using special-purpose load-sharing NATs.

- Eventually it was realized that it was very convenient to associate a service with a domain name (say for marketing purposes or ease-of-use) even when the service required only a small fraction of the resources available on a single host. The result was what is known as "virtual hosting" where a single host provides services that are associated with a large number of domains, at much lower cost than would have been required to provide a separate host for each domain. Extensions to HTTP made it possible for a web server to handle requests for URLs in different domains even though they were associated with the same IP address. Other workarounds have been found for other protocols (e.g. the common POP/IMAP/FTP convention of using usernames of the form "user(_at_)domain" during login).

For similar reasons, it is now common for a single host to be accessible via multiple IP addresses.

- SRV records further weakened the relationship between domains and hosts by allowing that relationship to be specified on a per-service basis, for application protocols defined to use SRV.

Today, the vast majority of references to a domain name, whether in email or in a URL or otherwise, DO NOT refer to a specific host. Domains are no longer equivalent or even nearly equivalent to host names, and haven't been for a long time.

----

How does this relate to AAAA fallbacks?  Simply this:

The argument that a host ought to be able to run email without registering an MX record for its domain is specious. In general, a host does not have a designated domain name or even a designated address anymore. Even a host as modest as a typical desktop PC can support an arbitrary number of services that are associated with an arbitrary number of domains.

Yes, there might be a domain associated with a host's IP address via DNS PTR lookup, but that's irrelevant because very few applications care what domain the PTR record points to. Certainly email doesn't care, except for logging. And quite often that domain is meaningless - just something provided by the ISP because certain stupid applications won't work unless there's a PTR record there. (As if having a PTR record pointing to a meaningless domain name were an indicator of anything useful.)

One consequence of this is that the owner of a host isn't really prevented from running an email server on that host by his inability to write an MX record to any particular zone. I see three cases:

1) The owner of the host also owns one or more domains that he can associate with the host, and he has write permission to the DNS zones for those domains. He can create MX records for those domains.

2) Like case (1) but for some reason the interface to those DNS zones is dysfunctional and won't let him create MX records. But since the owner of the host also owns those domain names, he can move them to other DNS hosting providers with less dysfunctional interfaces. And DNS providers will get their act together when they realize they're losing business. problem solved.

3) The owner of the host doesn't own the domain name that someone has associated with that host. In that case, the host owner simply doesn't have the right to create email addresses at that domain. That right belongs to the domain owner. The host owner can still run an email server on his host, he just can't insist that email addresses that are associated with someone else's domain should be handled by his host.


Keith

<Prev in Thread] Current Thread [Next in Thread>
  • outdated thinking about domains and hosts, Keith Moore <=