[Dnsmasq-discuss] CNAME trouble with no AAAA

Dominick C. Pastore dominickpastore at dcpx.org
Mon Oct 21 00:29:07 BST 2019


I have no complaints about a new thread.

On Sun, Oct 20, 2019, at 6:47 PM, Kurt H Maier wrote:
> On Sun, Oct 20, 2019 at 12:55:44PM -0400, Dominick C. Pastore wrote:
> > 2. In fact, Dnsmasq never follows a CNAME for MX or TXT requests, even
> > when the CNAME does point to a host Dnsmasq knows locally. (I assume
> > this is the reason for #1.)
>    
> RFC2181 explicitly forbids MX records from being aliases.  It's a bad
> idea -- best case, it doubles DNS traffic.  MX et al fall into
> additional section processing, which does not contain CNAME records.   
> This means a CNAME-only MX record will cause no-address responses.
> Which means the client, if it's trying hard enough, will just request a
> regular lookup, get the CNAME, resolve that, and hopefully get the MX
> record in additional-section along the way.
>      
> Yes, all sorts of DNS server software allows this crap.  It's still bad
> behavior.  MX records should not be CNAMEs.  RFC5321 has more
> information, including the directive that MX records MUST contain a   
> domain name with an A or AAAA record.
>      
> khm
>

To be clear, I was referring to a CNAME whose target has an MX record (or TXT record, or probably others). For example, in Dnsmasq terms:

cname=myhost.example.com,example.com
host-record=example.com,192.168.0.1
mx-host=example.com,mail.example.com
host-record=mail.example.com,192.168.0.2

An MX request for myhost.example.com results in NODATA. Admittedly, I'm not 100% sure that this is allowed by the RFCs either, but I didn't see anything indicating it shouldn't be (but it's entirely possible I missed something).



More information about the Dnsmasq-discuss mailing list