spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Empty MX name

2005-12-29 07:40:52
Stuart D. Gathman writes:
mail.globalinkllc.com has no SPF record.  However, their weird MX could
happen to a domain that does.  

$ host -t mx mail.globalinkllc.com
mail.globalinkllc.com is an alias for redirect.mail.premiumservices.yahoo.com.
redirect.mail.premiumservices.yahoo.com is an alias for 
ymb1.mail.vip.sc5.yahoo.com.
ymb1.mail.vip.sc5.yahoo.com mail is handled by 0 .

That wierd MX is broken anyway - MXs are not allowed to be aliases
(CNAMEs).  That goes all the way back to rfc974, which says on page 6:

   Note that the algorithm to delete irrelevant RRs breaks if LOCAL has
   a alias and the alias is listed in the MX records for REMOTE.  (E.g.
   REMOTE has an MX of ALIAS, where ALIAS has a CNAME of LOCAL).  This
   can be avoided if aliases are never used in the data section of MX
   RRs.

   Implementors should understand that the query and interpretation of
   the query is only performed for REMOTE.  It is not repeated for the
   MX RRs listed for REMOTE.  You cannot try to support more extravagant
   mail routing by building a chain of MXs.  (E.g. UNIX.BBN.COM is an MX
   for RELAY.CS.NET and RELAY.CS.NET is an MX for all the hosts in .IL,
   but this does not mean that UNIX.BBN.COM accepts any responsibility
   for mail for .IL).

The last sentence of the first paragraph is probably one of the most
contested sentences in any rfc.  This rfc dates to 1986, a time when
explaining to technically adept people the evil consequences of doing
something was sufficient "Don't do this".  The breakdown of that is
why today's rfcs are full of hollered uppercase MUSTs and SHOULDs.

There may be such a definitive statement in one of the many revisions
of rfc974, but I wanted to quote the above for the "chain of MXs"
part, which is what the mail.globalinkllc.com MX appears to be
attempting.  Even if you allow an MX to be an alias, the record would
say that ymb1.mail.vip.sc5.yahoo.com itself (which has an A record
with IP data of 216.136.232.176) handles the mail, not that the MX(s)
for ymb1.mail.vip.sc5.yahoo.com handle the mail.

(Yes, there are real-life cases where a mail server does MX duty for
domains but does not handle mail addressed to itself, so it has an MX
record of its own.)

--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com 

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

<Prev in Thread] Current Thread [Next in Thread>