[Dnsmasq-discuss] CNAME trouble with no AAAA
Dominick C. Pastore
dominickpastore at dcpx.org
Mon Oct 21 00:29:07 BST 2019
I have no complaints about a new thread.
On Sun, Oct 20, 2019, at 6:47 PM, Kurt H Maier wrote:
> On Sun, Oct 20, 2019 at 12:55:44PM -0400, Dominick C. Pastore wrote:
> > 2. In fact, Dnsmasq never follows a CNAME for MX or TXT requests, even
> > when the CNAME does point to a host Dnsmasq knows locally. (I assume
> > this is the reason for #1.)
>
> RFC2181 explicitly forbids MX records from being aliases. It's a bad
> idea -- best case, it doubles DNS traffic. MX et al fall into
> additional section processing, which does not contain CNAME records.
> This means a CNAME-only MX record will cause no-address responses.
> Which means the client, if it's trying hard enough, will just request a
> regular lookup, get the CNAME, resolve that, and hopefully get the MX
> record in additional-section along the way.
>
> Yes, all sorts of DNS server software allows this crap. It's still bad
> behavior. MX records should not be CNAMEs. RFC5321 has more
> information, including the directive that MX records MUST contain a
> domain name with an A or AAAA record.
>
> khm
>
To be clear, I was referring to a CNAME whose target has an MX record (or TXT record, or probably others). For example, in Dnsmasq terms:
cname=myhost.example.com,example.com
host-record=example.com,192.168.0.1
mx-host=example.com,mail.example.com
host-record=mail.example.com,192.168.0.2
An MX request for myhost.example.com results in NODATA. Admittedly, I'm not 100% sure that this is allowed by the RFCs either, but I didn't see anything indicating it shouldn't be (but it's entirely possible I missed something).
More information about the Dnsmasq-discuss
mailing list