Re: [Exim] Slightly OT DNS<->MTA problem

Author: Philip Hazel
Date:  
To: Sascha E. Pollok
CC: exim-users, sv
Subject: Re: [Exim] Slightly OT DNS<->MTA problem
On Fri, 30 Mar 2001, Sascha E. Pollok wrote:

> Let me just summarize some replies. Philip suggested that sending
> SMTP to an A record instead of an MX record is not a good thing


Let me rephrase what I said, to make it absolutely clear:

If there is an MX record for a domain (say x.example.com) then you
MUST NOT attempt to send mail to an A record that might exist for
x.example.com. The RFCs are quite clear on this point. You may only
attempt to send mail using the A record if you are SURE that there are
no MX records - that is, if the DNS has said "there are no such
records". If you get a DNS timeout or other error when looking for the
MX records, you still may not use the A record.

When I say MUST NOT I mean it in the usual RFC sense, that is, "if you
persist in doing this, the result is outside the scope of the RFCs and
may not be what you expect; interworking will probably be impaired".

The existence of the "if no MX then use A" rule is a hangover from the
transition from pre-MX days. Personally, I would like to see it
abolished, as nowadays it causes more trouble than it is worth.

[We had trouble with this a decade ago when we had an IBM mainframe
called phx.cam.ac.uk. It was eventually connected to the Internet for
various services (so it had an A record) but not for email. Its MX
records pointed to a different host, which passed the mail via another
protocol. We got the occasional complaint, and had to keep pointing
people to the RFCs.]

> but people/MTAs are doing that, right?


Well, they shouldn't be. They are breaking the rules. I have no
sympathy. RFC 974 has been around for a very long time. The revised
version of RFC 821 (SMTP), which is going to be an RFC any day now, says
this:

If one or more MX RRs are found for a given name, SMTP systems MUST NOT
utilize any A RRs associated with that name unless they are located using
the MX RRs; the "implicit MX" rule above applies only if there are no MX
records present. If MX records are present, but none of them are usable,
this situation MUST be reported as an error.

> He suggested not running
> an MTA on the webserver although I am not sure if the MTAs
> going ga-ga would try the MX records afterwards.


That is their problem. If they break the rules they must live with the
consequences.

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
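
The routing rule stated in the message above, as an added example that is not part of the original post and is not Exim's code. The function and enum names are hypothetical, the DNS results are constructed and passed in rather than looked up, and mapping a lookup error to "defer" and an unusable MX set to "fail" is an assumption about how an MTA would report those cases.

```python
from enum import Enum

class MxStatus(Enum):
    ANSWER = "answer"          # one or more MX RRs were returned
    NO_RECORDS = "no_records"  # DNS definitively said there are no MX RRs
    ERROR = "error"            # timeout or other failure: MX existence unknown

def choose_targets(domain, mx_status, mx_records, addresses):
    """Return (action, [(host, ip), ...]) for one recipient domain.

    mx_records: list of (preference, host) tuples from the MX lookup.
    addresses:  dict of host -> list of IPs, standing in for A lookups.
    """
    if mx_status is MxStatus.ERROR:
        # "Unknown" is not "no MX": the domain's A record must not be used.
        return ("defer", [])
    if mx_status is MxStatus.ANSWER:
        # Only hosts located through the MX RRs are candidates, in
        # preference order. This still covers an MX that names the domain itself.
        targets = [(host, ip)
                   for _pref, host in sorted(mx_records)
                   for ip in addresses.get(host, [])]
        # MX present but none usable is an error, not a reason to fall back.
        return ("deliver", targets) if targets else ("fail", [])
    # Implicit MX: allowed only after a definite "no such records" answer.
    targets = [(domain, ip) for ip in addresses.get(domain, [])]
    return ("deliver", targets) if targets else ("fail", [])

# Constructed sample data: a host that has an A record for other services
# while its mail is handled by a different machine.
ADDRESSES = {
    "x.example.com": ["192.0.2.10"],
    "mail.example.com": ["198.51.100.25"],
}
MX = [(10, "mail.example.com")]

if __name__ == "__main__":
    cases = [
        ("MX present", MxStatus.ANSWER, MX),
        ("MX lookup timed out", MxStatus.ERROR, []),
        ("definitely no MX", MxStatus.NO_RECORDS, []),
        ("MX present, target unresolvable", MxStatus.ANSWER, [(10, "gone.example.com")]),
    ]
    for label, status, records in cases:
        print(label, "->", choose_targets("x.example.com", status, records, ADDRESSES))
```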