From owner-freebsd-current@FreeBSD.ORG Tue May 18 07:30:34 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6BCE616A4CE; Tue, 18 May 2004 07:30:34 -0700 (PDT) Received: from regina.plastikos.com (216-107-106-250.wan.networktel.net [216.107.106.250]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8AA8343D46; Tue, 18 May 2004 07:30:30 -0700 (PDT) (envelope-from fullermd@over-yonder.net) Received: from mortis.over-yonder.net (adsl-19-159-58.jan.bellsouth.net [68.19.159.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by regina.plastikos.com (Postfix) with ESMTP id 99E4B6EEB9; Tue, 18 May 2004 10:30:29 -0400 (EDT) Received: by mortis.over-yonder.net (Postfix, from userid 100) id B75AE20F2F; Tue, 18 May 2004 09:30:27 -0500 (CDT) Date: Tue, 18 May 2004 09:30:27 -0500 From: "Matthew D. Fuller" To: Randy Bush Message-ID: <20040518143027.GE2038@over-yonder.net> References: <20040518063753.GB2038@over-yonder.net> <200405180804.i4I8477E019740@gw.catspoiler.org> <16554.7288.281205.464222@ran.psg.com> Mime-Version: 1.0 Content-Type: text/plain; charset=unknown-8bit Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <16554.7288.281205.464222@ran.psg.com> X-Editor: vi X-OS: FreeBSD User-Agent: Mutt/1.5.6i-fullermd.2 cc: 4711@chello.at cc: Don Lewis cc: freebsd-current@FreeBSD.org cc: cyrille.lefevre@laposte.net Subject: Re: bind timeouts X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 May 2004 14:30:34 -0000 On Tue, May 18, 2004 at 07:23:52AM -0700 I heard the voice of Randy Bush, and lo! it spake thus: > >> RFC974 says: > >> There is one other special case. If the response contains an > >> answer which is a CNAME RR, it indicates that REMOTE is actually > >> an alias for some other domain name. The query should be repeated > >> with the canonical domain name. > > > > That covers the intial lookup, meaning that a CNAME pointing to an MX is > > legal. > > no. it means an MX referring to a CNAME which resolves to an A Not by my reading. The first step for the mailer at LOCAL is to issue a query for MX RRs for REMOTE. [...] If the response contains an answer which is a CNAME RR, it indicates that REMOTE is actually an alias for some other domain name. The query should be repeated with the canonical domain name. which covers the case: foo IN CNAME bar bar IN MX 10 mail mail IN A 127.0.0.1 not the case: foo IN MX 10 bar bar IN CNAME mail ---------------- But, as I came across in a completely seperate quest (today is Bizarre Coincidence Day, boys and girls!), see RFC2181 §10.3: The domain name used as the value of a NS resource record, or part of the value of a MX resource record must not be an alias. Of course, 2181 is a _Proposed_ Standard, for whatever value you may choose to assign to that classification. -- Matthew Fuller (MF4839) | fullermd@over-yonder.net Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ "The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet"