The rules about MX and CNAME are primarily there so a MTA can easily identify
itself by name and not produce mail loops. If you are send email to a CNAME
then you are using a name the MTA doesn’t know itself by so it can’t reject the
MX and any equal or higher value MX. Lots of mail used to bounce because mail
was sent to an alias.
To do the same filtering with CNAMES you need to lookup address records for
each MX target and check all the CNAMES targets as well for a match. You go
from a single MX lookup that has to work to MX plus multiple A and AAAA lookups
that have to work and you have to describe the behavior when those lookups
fail.
--
Mark Andrews
On 5 Apr 2021, at 06:31, Arnt Gulbrandsen
<arnt(_at_)gulbrandsen(_dot_)priv(_dot_)no> wrote:
What John Levine says.
You can say things like "those people should be liberal in what they accept
and overlook my minor error" but sometimes you run into people who aren't
conservative, just like you aren't conservative if you violate a rule
knowingly. And sometimes you run into people who haven't tested their
handling of the error you commit, and untested code breaks, that's a <beep>
<beep> axiom.
Arnt
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp
_______________________________________________
ietf-smtp mailing list
ietf-smtp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf-smtp