On Thu, 8 May 2008, Robert A. Rosenberg wrote:
If there are two or more MX records at the highest priority (ie: preferred)
and some point at CNAMEs and some point at A/AAAA then while the MXs are
partly broken, the CNAMEs can be ignored (ie: Treated as Unreachable) and the
A/AAAA records used for those addresses you have IPvX connectivity for. If
none are usable then reject.
Yes, that's what RFC 2821 says.
OTOH, if/when the highest priority is ONLY CNAMEs (even if lower/back-up
MXs are A/AAAA which you can support) do an immediate reject since the
back-up MXs will never be able to deliver to the primary servers (due to
their being invalidly defined as CNAMEs).
That's not necessarily true: (1) Backup MXs don't have to use the standard
routing algorithm to deliver email. (2) If the verifying MTA is IPv4-only,
the primary MX is IPv6-only, and the backup MX is dual-protocol, your
proposed algorithm will falsely bounce the message.
f.anthony.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
SHANNON: SOUTHWEST 3 OR 4 BECOMING VARIABLE 3 OR LESS. MODERATE. SHOWERS, FOG
PATCHES. MODERATE OR GOOD, OCCASIONALLY VERY POOR.