Derek Martin wrote:
> On Thu, Nov 03, 2005 at 10:39:00AM +0000, Paul Howarth wrote:
> > > Well, what is supposed to happen is that the MTA first looks up the MX
> > > record for the host that you specified, and THAT is used -- after that,
> > > if no MX record exists, it should do an A lookup and convert CNAMEs.
> >
> > That's debatable because there should not be any MX records for a name
> > that has a CNAME record - see for example RFC 1912, section 2.4 "CNAME
> > records":
>
> It isn't debatable; until the MTA does the lookups, it doesn't know
> that the address is a CNAME or an MX or what it is. The MTA should
> and does (at least with sendmail) look for MX records for the supplied
> name first. Only if none are found does it do an A record lookup,
> which is when it would discover the CNAME record.

Actually it gets the CNAME back when it does the MX lookup, so there's
no need to do the follow-up lookup of the A record:

$ dig www.uit.no mx
; <<>> DiG 9.3.1 <<>> www.uit.no mx
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11161
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;www.uit.no. IN MX
;; ANSWER SECTION:
www.uit.no. 86400 IN CNAME w3s2.uit.no.
;; AUTHORITY SECTION:
uit.no. 43200 IN SOA benoni.uit.no.
hostmaster.uit.no. 2005110300 14400 1800 1209600 43200

> > > But this is just another example of a good reason not to
> > > use CNAMEs. I never use them... they only create problems.
> >
> > They're useful as long as you know what you're doing :-)
> > Too bad too many people don't :-(
>
> I don't really agree; they're totally redundant. You're better off
> just using an A record. That will always behave intuitively and
> completely avoids all the stupid problems associated with CNAMEs.

True; it's a shame CNAMEs can't be "uninvented" really.

Paul.
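
The lookup order discussed in this thread, as an added sketch that is not part of the original message: a constructed in-memory zone stands in for DNS, and `mail_targets` follows the RFC 5321 section 5.1 rule (a CNAME returned for the MX query makes its target the name to process; no MX means an implicit MX of preference 0). Only the www.uit.no CNAME comes from the dig output above; the addresses, the uit.no MX record and all function names are assumptions.

```python
# Constructed zone data. Only the www -> w3s2 CNAME comes from the dig output
# above; the addresses (RFC 5737 documentation range) and the uit.no MX are
# made up for illustration.
ZONE = {
    ("www.uit.no.", "CNAME"): ["w3s2.uit.no."],
    ("w3s2.uit.no.", "A"): ["192.0.2.10"],
    ("uit.no.", "MX"): [(10, "mx.uit.no.")],
    ("mx.uit.no.", "A"): ["192.0.2.25"],
}

def query(name, rtype, max_chain=8):
    """Answer section as a server would build it: CNAMEs first, then data."""
    answer = []
    for _ in range(max_chain):
        cname = ZONE.get((name, "CNAME"))
        if cname and rtype != "CNAME":
            answer.append((name, "CNAME", cname[0]))
            name = cname[0]          # restart the query at the canonical name
            continue
        answer += [(name, rtype, r) for r in ZONE.get((name, rtype), [])]
        return answer
    raise RuntimeError("CNAME chain too long or looping")

def mail_targets(domain):
    """Resolve delivery hosts for `domain` following RFC 5321 section 5.1."""
    answer = query(domain, "MX")
    canonical = domain
    for owner, rtype, rdata in answer:
        if rtype == "CNAME":         # alias seen in the MX answer itself
            canonical = rdata
    mxs = sorted(r for o, t, r in answer if t == "MX" and o == canonical)
    if not mxs:                      # no MX: implicit MX, preference 0
        mxs = [(0, canonical)]
    hosts = [(pref, host, [r for _, t, r in query(host, "A") if t == "A"])
             for pref, host in mxs]
    return canonical, hosts

def cname_conflicts(zone=ZONE):
    """Names holding a CNAME plus other data, which RFC 1912 section 2.4 forbids."""
    aliases = {n for n, t in zone if t == "CNAME"}
    return sorted({n for n, t in zone if n in aliases and t != "CNAME"})
```

`cname_conflicts` is the zone-side check for the RFC 1912 point: an alias name that also carries an MX (or any other record) is a configuration error to fix before a mail server ever queries it.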