[exim] Re: Exim hates CNAMEs, not IPv6

Góra strony
Delete this message
Reply to this message
Autor: Viktor Dukhovni via Exim-users
Data:  
Dla: exim-users
Temat: [exim] Re: Exim hates CNAMEs, not IPv6
On Fri, Dec 01, 2023 at 12:09:44AM -0500, John R Levine via Exim-users wrote:

> Oh, I see the problem. lists.exim.org is a CNAME for cumin.exim.org,
> and qmail is standard compliant per RFC 1123:
>
>       5.2.2  Canonicalization: RFC-821 Section 3.1

>
>          The domain names that a Sender-SMTP sends in MAIL and RCPT
>          commands MUST have been  "canonicalized," i.e., they must be
>          fully-qualified principal names or domain literals, not
>          nicknames or domain abbreviations.  A canonicalized name either
>          identifies a host directly or is an MX name; it cannot be a
>          CNAME.

>


That text is obsolete. There is no such text in RFC5321, and
CNAME-valued mail domains have long been OK. The sending MTA (its DNS
resolver) is expected to restart the MX lookup at the target of the
CNAME, and if no MX records are found, use the final A/AAAA records.

Envelope addresses are not affected by the CNAME recipient domain,
and must not be "canonicalised".

https://www.rfc-editor.org/rfc/rfc5321#section-2.3.5

Only resolvable, fully-qualified domain names (FQDNs) are permitted
when domain names are used in SMTP. In other words, names that can
be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed
in Section 5) are permitted, as are CNAME RRs whose targets can be
resolved, in turn, to MX or address RRs. Local nicknames or
unqualified names MUST NOT be used. There are two exceptions to the
rule requiring FQDNs:

https://www.rfc-editor.org/rfc/rfc5321#section-5.1

The lookup first attempts to locate an MX record associated with the
name. If a CNAME record is found, the resulting name is processed as
if it were the initial name. If a non-existent domain error is
returned, this situation MUST be reported as an error. If a
temporary error is returned, the message MUST be queued and retried
later (see Section 4.5.4.1). If an empty list of MXs is returned,
the address is treated as if it was associated with an implicit MX
RR, with a preference of 0, pointing to that host. If MX records are
present, but none of them are usable, or the implicit MX is unusable,
this situation MUST be reported as an error.

If "qname" has problems with recipient domains that are aliases, the
problem is with qmail.

-- 
    Viktor.


--
## subscription configuration (requires account):
## https://lists.exim.org/mailman3/postorius/lists/exim-users.lists.exim.org/
## unsubscribe (doesn't require an account):
## exim-users-unsubscribe@???
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/