Re: DNS and hostname hiding: my experience FWIW

Author: Greg A. Woods
Date:  
To: paul
CC: exim-users
Subject: Re: DNS and hostname hiding: my experience FWIW
I almost removed exim-users from the Cc, and I apologise in advance to
anyone who feels I should have, but we have been talking about how to
configure mailers to handle large domains and I think this is relevant
in that vein.

[ On Thu, October 2, 1997 at 15:03:33 (+0100), Paul Civati wrote: ]
> Subject: Re: DNS and hostname hiding: my experience FWIW
>
> Tom <tom@???> wrote:
> > It isn't a really good idea to point MX to CNAMEs anyhow, even though
> > aol.com does it. Some versions of named complain profusely when resolving
> > such things (use the supplied logging options).
>
> Some people say it's ok, some don't.


It's not only not a good idea -- it's contrary to the RFCs despite what
the clowns at AOL will try to claim. They're using an "exception" in
the RFCs that was added to permit abuses of the time (i.e. ~1989) to be
allowed but discouraged. As they fully admit on the WWW page you
reference, the RFC "strongly recommend against pointing MXes at CNAMES".

There are other perfectly reasonable ways to build large farms of mail
hosts to handle a busy zone. Only AOL's so-called systems programmers
have failed to discover a way that's not discouraged by the RFCs.

By my own count I see no reason why you can't have at least 100 hosts
(nearly double the number AOL claim they have to run) serving mail for
one domain without breaking any limits or "strong recommendations" in
the DNS (that's 10 MX targets with 10 A's each, sort of like how
compuserve.com does things [though I see they've recently slipped up and
added a broken MX for some other reason]). More advanced nameservers
can also selectively hand out very short TTL responses based on system
load balancing policy, etc. (though don't use that lbnamed perl script
for production -- it fails silently under load), but of course there's a
tradeoff here with the increased DNS bandwidth you'll need to support.

Of course the so-called programmers at AOL also refuse to obey a "MUST"
rule in the host requirements RFC and will throw back the self-
contradictory rule in that same RFC as their only defense (I'm referring
here to the HELO parameter rules in RFC 1123).

Personally I think a farm of 100 modern very large servers should be
able to handle in-bound mail for all the people on the planet (or at
least all the users who have Internet access today), assuming you could
get enough network connectivity into them. Why AOL think they need 55
in-bound MX hosts just for their piddly 2-3 million users I cannot
imagine. Perhaps they're using PCs as servers.

-- 
                            Greg A. Woods


+1 416 443-1734      VE3TCP      <gwoods@???>      <robohack!woods>
Planix, Inc. <woods@???>; Secrets of the Weird <woods@???>


--
* This is sent by the exim-users mailing list.  To unsubscribe send a
    mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
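
The layout the message above recommends (several MX targets, each owning its own A records, none of them a CNAME) can be checked mechanically. The following is an added example, not part of the original message: a small Python lint over constructed zone data that flags MX targets which are aliases and counts the distinct mail hosts the MX set reaches. The names under example.com, the 192.0.2.x addresses, and the function names are assumptions made for illustration.

```python
"""Lint a zone's mail routing: MX targets should own A records, not be CNAMEs."""
from collections import defaultdict

# Constructed sample zone data (documentation names and addresses, not real).
ZONE = """\
example.com.      IN MX    10 mx1.example.com.
example.com.      IN MX    10 mx2.example.com.
example.com.      IN MX    20 mail.example.com.   ; alias used as MX target
mx1.example.com.  IN A     192.0.2.1
mx1.example.com.  IN A     192.0.2.2
mx2.example.com.  IN A     192.0.2.11
mail.example.com. IN CNAME mx1.example.com.
"""

def parse_zone(text):
    """Return {owner: {rtype: [rdata fields, ...]}} from 'owner IN type rdata' lines."""
    records = defaultdict(lambda: defaultdict(list))
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()       # drop zone-file comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 4 or fields[1].upper() != "IN":
            raise ValueError(f"unsupported record line: {line!r}")
        owner, rtype, rdata = fields[0].lower(), fields[2].upper(), fields[3:]
        records[owner][rtype].append(rdata)
    return records

def lint_mx(records, domain):
    """Return (problems, distinct_address_count) for the MX set of `domain`."""
    problems, addresses = [], set()
    for rdata in records[domain.lower()]["MX"]:
        pref, target = rdata[0], rdata[1].lower()
        types = records.get(target, {})
        if "CNAME" in types:
            problems.append(f"MX {pref} {target} is a CNAME alias")
        elif "A" not in types:
            # Targets outside the supplied data cannot be verified here.
            problems.append(f"MX {pref} {target} has no A record in this zone data")
        else:
            addresses.update(a[0] for a in types["A"])
    return problems, len(addresses)

if __name__ == "__main__":
    found, hosts = lint_mx(parse_zone(ZONE), "example.com.")
    print(f"{hosts} mail host addresses reachable via clean MX targets")
    for p in found:
        print("WARNING:", p)
```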