spf-discuss

Re: bogusmx

2005-06-07 14:48:21
Julian Mehnle wrote:
 
RFC 974 (MX records), section "Issuing a Query"

This triggers my "below 2000" alarm.  The RfC editor page says:
"obsoleted by 2821, status HISTORIC".  Sorry, I refuse to read
obsolete RfCs unless it's in a discussion with Bruce Lilly. ;-)

I was really annoyed by Leslie replacing RfC 954 by 3912, but
nevertheless RFCI was forced to update its policies, drop its
old ipwhois zone (donated to William's completewhois), and to
replace RfC 954 by 1032 (of course not 3912) everywhere.

RFC 2181, section 10.3, "MX and NS records"

Another alarm triggered, this time it's the "Randy's zone cut
doesn't fly with those namedroppers" alarm.  And the RfC editor
offers "updated by 2535, 4033, 4034, 4035".

It's not that I have the faintest idea what 2535, 4033...4035
say.  OTOH I'm also not in the mood to check it, I only trust
that the mail experts on the RFCI list would get it right.

| Thus, if an alias is used as the value of an NS or MX
| record, no address will be returned with the NS or MX
| value.  This can cause extra queries, and extra network
| burden, on every query.

That sounds like "don't do this" for me.

I cannot follow the "additional section processing does not
include CNAME records" argument.

Testing `nslookup -q=mx mehnle.net`:
mehnle.net      preference = 10, mail exchanger = mail.mehnle.net

Autorisierte Antworten können gefunden werden in:
mehnle.net      nameserver = io.link-m.de
mehnle.net      nameserver = ns.link-m.de
mehnle.net      nameserver = ns3.knipp.de
ns.link-m.de    internet address = 195.30.85.251
ns3.knipp.de    internet address = 194.64.105.66

Obviously no IP for mail.mehnle.net in the additional section.
By contrast `nslookup -q=mx schlitt.net`

schlitt.net     preference = 10, mail exchanger = mail.schlitt.net

Autorisierte Antworten können gefunden werden in:
schlitt.net     nameserver = dns.schlitt.net
schlitt.net     nameserver = ns1.twisted4life.com
mail.schlitt.net        internet address = 67.52.51.34
dns.schlitt.net internet address = 67.52.51.35
ns1.twisted4life.com    internet address = 202.157.185.115

Here the IP of mail.schlitt.net is in the additional section.

I'm lost with these DNS details.  I can't tell why it works
for schlitt.net but not say xyzzy.claranet.de or claranet.de,
maybe an MX in a different zone always needs another query (?)

If that's the problem your CNAME trick forces an additional
query where it's normally (no CNAME) unnecessary.

Going by that rationale, the use of CNAME could be considered
to be generally forbidden.

No, "well-known host names" like mail, www, ftp, news, etc. at
least _were_ a sound strategy.  There's nothing wrong if your
smtpd says "EHLO mail.mehnle.net" and this is only a CNAME.

I currently don't have the time to help others debug their
flawed (or at least over-zealous) blacklisting policies.

Nor me, except from removing TLDs from RFCI's whois zone when
possible I'm only interested in adding entries to RFCI - the
removal is the problem of the ignorants if they care about it.

The complete number of my submissions to "bogusmx" is one, a
Chinese network insisting on MX -> IP, which caused a bounce of
my mail worm abuse report.

Apparently my smart hosts had no problem with your CNAME trick,
but maybe somebody else had a real problem.

you are free to also bring it up on their mailing list if you
think my argument bears weight.

I've no idea about the issue, but I certainly won't discuss it
based on the shaky grounds of Meng's 1912 essay.  My interests
in RFCI are focussed on my whois client "rxwhois version 1.8",
<http://purl.net/xyzzy/rxwhois.htm> and the related policies
up to ICANN's WDPRS. 
                     Bye, Frank
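
The following is an added example, not part of the original message or of RFCI's tooling: a small check over constructed zone data that separates the MX cases discussed above (MX target with its own address record, MX pointing at a CNAME, MX pointing at an IP literal). The record set, the verdict names and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample records: (owner, type) -> values. Not real zone data.
RECORDS = {
    ("example.net", "MX"): [(10, "mail.example.net")],
    ("mail.example.net", "A"): ["192.0.2.25"],
    ("alias.example", "MX"): [(10, "mail.alias.example")],
    ("mail.alias.example", "CNAME"): ["host.alias.example"],
    ("host.alias.example", "A"): ["192.0.2.26"],
    ("literal.example", "MX"): [(10, "192.0.2.27")],
    ("dangling.example", "MX"): [(10, "gone.dangling.example")],
}


def is_ip_literal(name):
    """True if the MX exchange field holds an IP address instead of a name."""
    try:
        ipaddress.ip_address(name.rstrip("."))
        return True
    except ValueError:
        return False


def check_mx(domain, records=RECORDS):
    """Return (target, verdict, additional_addresses) for each MX of domain.

    additional_addresses models what a server holding these records could
    put in the additional section of the MX answer.
    """
    results = []
    for _pref, target in sorted(records.get((domain, "MX"), [])):
        if is_ip_literal(target):
            # MX -> IP: the exchange field must be a host name.
            results.append((target, "ip-literal", []))
        elif (target, "CNAME") in records:
            # RFC 2181 10.3: an alias as MX value gets no address in the
            # additional section, so the sender needs extra queries.
            results.append((target, "cname", []))
        elif (target, "A") in records or (target, "AAAA") in records:
            addrs = records.get((target, "A"), []) + records.get((target, "AAAA"), [])
            results.append((target, "ok", addrs))
        else:
            # Target name has neither an address nor an alias in this data.
            results.append((target, "no-address", []))
    return results
```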


