[ On Monday, April 1, 2002 at 19:07:47 (-0500), Richard Welty wrote: ]
> Subject: Re[2]: [Exim] Refusing mail because of missing MX record
>
> i'm speaking from memory here, and not from direct reference to an RFC, but
> i'm pretty sure that delivering to the IP in an A record when no MX exists
> is still officially sanctioned. therefore, a site which has an A but no MX,
> and accepts mail at that IP, is standards conforming.
"officially", yes. (RFC 974, re-enforced by RFC 1123)
It is possible that the list of MXs in the response to the query will
be empty. This is a special case. If the list is empty, mailers
should treat it as if it contained one RR, an MX RR with a preference
value of 0, and a host name of REMOTE. (I.e., REMOTE is its only
MX). In addition, the mailer should do no further processing on the
list, but should attempt to deliver the message to REMOTE. The idea
here is that if a domain fails to advertise any information about a
particular name we will give it the benefit of the doubt and attempt
delivery.
The political rational for RFC 974's leniency is of course because back
in 1986 there was still some marketing effort necessary to "sell" the
DNS to the nay sayers. This leniency assured everyone that even if a
sender only had an old HOSTS.TXT file, or even if their recipient's
hostmaster had still only implemented the bare minimum of DNS necessary
to stay on the net (i.e. just translated their HOSTS entries into A
RRS), they should still be able to route their e-mail. You couldn't
really expect everyone to immediately discover and publish all the
necessary MX records for all their domains overnight (even though in
face of todays immensely larger DNS such a task seems trivial).
These days the Big Bad Internet is a very different place. Unofficially
anyone without an MX pointing their e-mail domains to a mail server,
even/especially if the MX target has the same name as the MX RR and
there's an associated A RR at the same node, is really rather far out to
lunch in this day and age (i.e. well over two decades after the DNS was
first widely deployed and used).
After all, how the heck is any third party observer (who might be trying
to diagnose some e-mail problem) supposed to tell the difference between
a host that's intended to and expected to be running SMTP and something
else like a terminal server or router unless there is an MX for it!?!?!?!?
Of course there's also a minor efficiency issue -- most mailers really
do query first for an MX and then only after finding none do they look
for an A RR, and sometimes that A RR does turn into a separate DNS
lookup all the way to an authoritative server. I.e. even if you don't
send huge volumes of e-mail you should be a good neighbour to those who
do and only make them ask once for your mailer's address!
> so yes, it really should have an MX, but i don't think it has to.
If I'm not mistaken there are some rather large and important domains
(i.e. not just mine! ;-) which now require an MX for all domains
appearing in the SMTP envelope sender address.....
On the other hand I don't know of many mail server (and not even my own)
which ignore RFC-974 et al and only route to MX addresses, ignoring A RRs....
> you can of course reject mail on any basis you like, but in this particular
> case, you're standing on very soft technical ground.
Luckily this ground has been covered quite well, and as I said in a
previous message there are in fact extremely few domains used for e-mail
which don't have proper MX records, especially these days when probably
more than half such domains are "virtual".
--
Greg A. Woods
+1 416 218-0098; <gwoods@???>; <g.a.woods@???>; <woods@???>
Planix, Inc. <woods@???>; VE3TCP; Secrets of the Weird <woods@???>
