Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!purdue!haven!uvaarpa!randall
From: randall@uvaarpa.virginia.edu (Randall Atkinson)
Newsgroups: comp.protocols.tcp-ip
Subject: Re: MX-registration vs %-hack (was Re: New Host-Requirement RFCs)
Message-ID: <1233@uvaarpa.virginia.edu>
Date: 25 Oct 89 20:50:26 GMT
References: <8910201839.AA29376@arcturus.mitre.org> <7696@ditmela.oz> <43522@sgi.sgi.com>
Reply-To: randall@uvaarpa.Virginia.EDU (Randall Atkinson)
Organization: University of Virginia, Charlottesville
Lines: 36

In article <43522@sgi.sgi.com> vjs@rhyolite.wpd.sgi.com (Vernon Schryver) writes:

>Our problem was made worse by many of things, including my mistakes, broken
>DNS-servers out there, having thousands of hosts in several domains behind
>the sgi.sgi.com gateway, not wanting to burden our secondary servers with
>our not too small and ever changing host files, and the security worries of
>some people.

>We tried using simple wildcard MX records.  That does not work.  The
>obnoxious "%" does work.

Actually if you'll check the GE nameserver, you will find that we have
hidden our entire internal DECnet (hordes of ever changing hosts)
behind an MX record for *.DNET.GE.COM and the domain I look after is
has a MX for *.CHO.GE.COM.

We had a *&^% of a time when we tried to observe the "%" hack and I have
had _zero_ complaints from users since we got our MX records straight last
spring and eliminated all usage of the "% hack" whereas I had near daily
gripes until the changeover about lost or delayed mail.

We exchange mail regularly with most of the known Internet including
Asia and Europe.  No problems.  I wonder if SGI's problem was really
getting the MXs straight rather than something else.  Use of the
%-hack can hide from view problems with one's nameserver's MX records.
My own experience is why I feel so strongly about eliminating the
%-hack from common usage and reserving it for the few special cases
wher an MX record won't work for political or technical reasons and
no other solution is present.

I hear gripes that MILNET users are the problem since many don't
have nameservers.  I haven't experienced any problems with folks on
MILNET myself though.

  Ran
  GE-Fanuc North-America