[Mimedefang] DNS and MX records

Jason Bertoch jason at electronet.net
Wed May 10 13:07:33 EDT 2006 

>>> If I'm not mistaken, even properly configured MTAs will revert to the 
>>> A
>>> record of a domain of there are no MX records available. (although I
>>> haven't done any real research to back up this statement recently so I
>>> could be completely off base)
>>>
>>> Alan
>>
>> That is known as the implicit MX and is held over from before the MX
>> resource record existed.  However, in my opinion, it has long outlived
>> it's usefulness and now poses issues when a domain really doesn't want
>> to have mail exchanged in their name.  I've resorted to using an MX
>> record of "0 ." for my domains that do not send or receive mail.  This
>> at least causes an immediate bounce and saves mail servers from 
>> connecting
>> to a web server for 5 days.
>>
>
>Uh, I think the way you're supposed to solve that problem (a domain 
>that doesn't receive email) is by:
>
>a) not having an MX record,
>b) not having the hosts answer on port 25, or if they're shared among 
>multiple domains, have them refuse email directed at recipients of that 
>domain.
>
>(and, do correct me if I'm wrong: I thought MX records were optional; 
>you use them when you want email sent to some place OTHER than the 
>matching hostname; if you want email to go directly to a host, it's ok 
>to not have an MX record for that host)
>
>And, the way I handle not having anyone connect to port 25 on my web 
>server is ... my web server doesn't run any software on port 25.  If 
>people are trying to send it email directly, and that email gets stuck 
>in their mail queue for 5 days because of it, that's their problem, not 
>mine.


	In my case, it is a problem.  Outbound mail sits in my queue for several
days trying to connect to a server that isn't responding to connections on port
25.  Whether it's a typo, or just plain a bad address, my users are only
notified that delivery has been delayed.  They still believe delivery is
possible until the bounce shows up.
	It wastes resources attempting connections to a server that will never
answer, and all because of the old implicit MX rule.  I try to help everyone out
on my domains that don't use e-mail by implementing an MX that will ensure an
immediate bounce.  I believe that all users would benefit from dropping the
implicit MX rule from the RFC or if admins used a similar workaround as the one
above.

Jason

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3093 bytes
Desc: not available
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20060510/5f22dee3/attachment-0003.bin>

More information about the MIMEDefang mailing list