[Mimedefang] Domain canonifyin?g and RFCs

Ernst du Plooy eduplooy at gmail.com
Wed Oct 19 10:45:04 EDT 2011

Joseph Brennan wrote:
> >It says a CNAME can be used, if it can be resolved. So sendmail
> >resolves it. I don't see any problem there.

Yes, the CNAME will resolve, but Sendmail will rewite the user at cname
to user at realname. Sendmails behaviour is explained with the
confDONT_EXPAND_CNAMES option as follows:

[False] If set, $[ ... $] lookups that do DNS based lookups do not
expand CNAME records. This currently violates the published standards,
but the IETF seems to be moving toward legalizing this. For example,
if "FTP.Foo.ORG" is a CNAME for "Cruft.Foo.ORG", then with this option
set a lookup of "FTP" will return "FTP.Foo.ORG"; if clear it returns
"Cruft.FOO.ORG". N.B. you may not see any effect until your downstream
neighbors stop doing CNAME lookups as well.

It seems that RFC2821 legalised the use of CNAMEs and Sendmail should
not rewrite it anymore (the information above seems to be out dated).
Like I mentioned I can fix my sendmail behaviour with the
confDONT_EXPAND_CNAMES option.  I would however like to find proove
that the behaviour of sendmail is still valid.  The reason I don't
want to implement confDONT_EXPAND_CNAMES is that I currently use this
server to rewrite the sender domain on purpose for an internal server.

More information about the MIMEDefang mailing list