[Mimedefang] DNS and MX records
Les Mikesell
les at futuresource.com
Wed May 10 15:09:04 EDT 2006
On Wed, 2006-05-10 at 11:19, John Rudd wrote:
> >
> > That is known as the implicit MX and is held over from before the MX
> > resource record existed. However, in my opinion, it has long outlived
> > it's usefulness and now poses issues when a domain really doesn't want
> > to have mail exchanged in their name. I've resorted to using an MX
> > record of "0 ." for my domains that do not send or receive mail. This
> > at least causes an immediate bounce and saves mail servers from
> > connecting
> > to a web server for 5 days.
> >
>
> Uh, I think the way you're supposed to solve that problem (a domain
> that doesn't receive email) is by:
>
> a) not having an MX record,
> b) not having the hosts answer on port 25, or if they're shared among
> multiple domains, have them refuse email directed at recipients of that
> domain.
>
> (and, do correct me if I'm wrong: I thought MX records were optional;
> you use them when you want email sent to some place OTHER than the
> matching hostname; if you want email to go directly to a host, it's ok
> to not have an MX record for that host)
>
> And, the way I handle not having anyone connect to port 25 on my web
> server is ... my web server doesn't run any software on port 25. If
> people are trying to send it email directly, and that email gets stuck
> in their mail queue for 5 days because of it, that's their problem, not
> mine.
The place this is likely to be a problem is where you have
virtual web servers with names in lots of domains pointing
to the same box and you do want to accept mail for some
of those names. Note that CNAMES take all the associated
data for the related A records, so if you have an MX for
the real A record, the CNAME'd names get it as well, and
if you don't, mailers will follow the CNAME to the related
A record. You still don't have to accept mail to those
names, but if you want a role like postmaster or hostmaster
to work you can use the virtusertable feature to deliver
those somewhere and default everything else to error:nouser.
--
Les Mikesell
lesmikesell at gmail.com
More information about the MIMEDefang
mailing list