[vox-tech] some people can't send to list
Nick Schmalenberger
nick at schmalenberger.us
Tue Mar 17 18:09:20 PDT 2015
On Tue, Mar 17, 2015 at 05:41:32PM -0700, Tony Cratz wrote:
> On 03/16/2015 11:56 PM, Wes Hardaker wrote:
> > This is fine:
> >
> > # dig lugod.org mx
> >
> > ;; ANSWER SECTION:
> > lugod.org. 3600 IN MX 10 www.lugod.org.
> >
> > This is not:
> >
> > # dig www.lugod.org.
> >
> > ;; ANSWER SECTION:
> > www.lugod.org. 3600 IN CNAME lugod.org.
> > lugod.org. 3600 IN A 173.13.165.50
> >
> > *some* (most) DNS resolution software lets you get away with that, but
> > it's not legal according to the DNS RFCs and shouldn't be done.
> >
> >
> > The right thing to do would be to replace the MX record so it looked
> > like this:
> >
> > lugod.org. 3600 IN MX 10 lugod.org.
> >
> > Which would then work. Though, the best thing to do is actually create
> > a new host record:
> >
> > lugod.org. 3600 IN MX 10 mail.lugod.org.
> > mail.lugod.org. 3600 IN A 173.13.165.50
> >
>
> In all the years of being a Sys. Admin., this issue has been
> very high on the problem list.
>
> I have gotten to the point where I refuse to ever use a CNAME.
> I wish that CNAME was never invented.
>
>
> Tony
>
Yeah, but honestly why is it a problem anyway? Sure it allows
creating DNS loops and other weird stuff, but it can also be
useful (like a lot of things that can make loops).
It is possible with a sophisticated DNS service like Amazon
Route53 to resolve the equivalent sort of logic internally and
spit out an A record in response to the first request, and still
allow geo or other load balancing.
At my work we use Route53, and it lets us also chain CNAMEs if we
choose. The benefit of that I think is it makes it easier for the
client to see how the logic is working. I can see both sides
here, but why should this be a rule?
-Nick
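
Added example, not part of any message in this thread: a small lint that flags MX records whose exchange name is a CNAME (the case RFC 2181 section 10.3 prohibits) and reports alias loops. The function names and the `example.test` loop sample are constructed for illustration; the `lugod.org` records are the ones quoted above.

```python
# Records quoted in the thread (dig answer format): MX exchange is an alias.
BROKEN = """lugod.org. 3600 IN MX 10 www.lugod.org.
www.lugod.org. 3600 IN CNAME lugod.org.
lugod.org. 3600 IN A 173.13.165.50"""
# The layout recommended in the thread: MX exchange owns an A record directly.
FIXED = """lugod.org. 3600 IN MX 10 mail.lugod.org.
mail.lugod.org. 3600 IN A 173.13.165.50"""
# Constructed sample (not from the thread): two aliases pointing at each other.
LOOP = """example.test. 3600 IN MX 10 a.example.test.
a.example.test. 3600 IN CNAME b.example.test.
b.example.test. 3600 IN CNAME a.example.test."""

def parse(zone_text):
    """Yield (owner, rtype, rdata_fields) from 'name ttl IN type rdata' lines."""
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) >= 5 and not fields[0].startswith(";"):
            yield fields[0].lower(), fields[3].upper(), fields[4:]

def follow_cname(name, cnames):
    """Follow the alias chain from name; return (chain, looped)."""
    chain, seen = [name], {name}
    while chain[-1] in cnames:
        nxt = cnames[chain[-1]]
        chain.append(nxt)
        if nxt in seen:
            return chain, True
        seen.add(nxt)
    return chain, False

def lint_mx(zone_text):
    """Return one finding per MX record whose exchange name is a CNAME."""
    records = list(parse(zone_text))
    cnames = {o: r[0].lower() for o, t, r in records if t == "CNAME"}
    findings = []
    for owner, rtype, rdata in records:
        if rtype != "MX" or len(rdata) < 2:
            continue
        chain, looped = follow_cname(rdata[1].lower(), cnames)
        if len(chain) > 1:
            kind = "CNAME loop" if looped else "CNAME"
            findings.append(f"{owner} MX -> {kind}: {' -> '.join(chain)}")
    return findings

if __name__ == "__main__":
    for label, zone in (("broken", BROKEN), ("fixed", FIXED), ("loop", LOOP)):
        print(label, lint_mx(zone) or "ok")
```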