Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uwm.edu!ux1.cso.uiuc.edu!mp.cs.niu.edu!rickert
From: rickert@mp.cs.niu.edu (Neil Rickert)
Newsgroups: comp.mail.sendmail
Subject: Re: Local Configuration Error
Message-ID: <1990Sep21.161726.18266@mp.cs.niu.edu>
Date: 21 Sep 90 16:17:26 GMT
References: <6460@jhunix.HCF.JHU.EDU>
Organization: Northern Illinois University
Lines: 53

In article Craig_Everhart@TRANSARC.COM writes:
>Let's say we have hosts A and B, and two MXs for A: one pointing to A
>with preference 10, and one pointing to B with preference 20. (MX(A) =
>(10,A); MX(A) = (20,B).) On host B (which is what we're concerned
>with), all MXs with preference >= 20 will be discarded, but that will
>nonetheless leave us with an MX pointing to domain A. That's fine:
>clearly, you need to do an address lookup on the targets for MX records.
>
>All that Piet Beertema claims is that you shouldn't do address lookups
>for host A just because you ran out of MX records, apparently a
>debatable point. The fact that the host name A is in both positions in
>``MX(A) = (10,A)'' muddles the issue.
>

Right. But what do you do when host A can only communicate on its
local network? Perhaps it has bad networking code. Perhaps there is a
security concern. However B can talk to the local network and the world.

The possible solutions (using only SMTP) are:

 1. Have two MX records for host A. Preference 0 delivers to A, and
    preference 10 to B. Anyone sending email from outside the local
    network will time out on trying to send to A, and will (we hope)
    then send to B from where it will be forwarded.

    I claim this is a poor choice, for it makes the whole Internet
    suffer the need to first time out on the primary MX record.

 2. Have MX records for A pointing only to B (and to similarly capable
    hosts). Make sure sendmail doesn't declare a configuration error
    when the best MX preference is for the local (i.e. B) host, but
    instead looks for an A-record.

    This method works very simply and transparently. Sendmail-5.64, as
    distributed by Berkeley already does this IF there is only a single
    MX record, but fumbles it if there are two or more MX records.
    (This is what started the discussion).

 3. Have 'sendmail' set to declare a configuration error, but bypass
    the problem with an ugly fudge in 'sendmail.cf' which directs the
    mail to A by internet address (as in [1.2.3.4]). This will work if
    done with extreme care, but puts us back at the point of dependence
    on internet addresses that the domain naming system was meant to
    avoid.

    The reason Internet addresses must be used with extreme care is
    that standard Berkeley versions of 'sendmail.cf' tend to mishandle
    them. If the address is run through the $[ .. $] construct it is
    converted to a name, and the result will be that the name is used
    to find an MX record. (This violates the RFC ??? specification
    that [...] addresses are to be used without interpretation). (Of
    course if the address is not run through $[ ... $], 'sendmail.cf'
    may fail to recognize when an Internet address is local).

--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science
Northern Illinois Univ.
DeKalb, IL 60115. +1-815-753-6940
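
The MX discard rule from the quoted text and the A-record fallback of option 2, as an added example that is not part of the original post and is not sendmail's code. The function names, the `ConfigError` class and the `*.example` host names are hypothetical, and the record lists are constructed sample data.

```python
class ConfigError(Exception):
    """Raised when the local host is the best MX and no fallback is allowed."""


def prune_mx(mx_records, local_host):
    """Drop every MX whose preference is >= the local host's own preference."""
    local = local_host.lower()
    own = [pref for pref, target in mx_records if target.lower() == local]
    if not own:
        return sorted(mx_records)      # local host is not an MX: keep them all
    cutoff = min(own)
    return sorted((p, t) for p, t in mx_records if p < cutoff)


def next_hops(domain, mx_records, local_host, fallback_to_a=True):
    """Return the ordered host names to try for mail addressed to `domain`."""
    if domain.lower() == local_host.lower():
        return []                      # mail for this host: deliver locally
    if not mx_records:
        return [domain]                # no MX at all: use the address record
    usable = prune_mx(mx_records, local_host)
    if usable:
        return [target for _, target in usable]
    if fallback_to_a:
        return [domain]                # option 2: look for an A-record instead
    raise ConfigError(f"{local_host} is the best MX for {domain}")


# Constructed sample data: (preference, target) pairs for domain a.example.
QUOTED_CASE = [(10, "a.example"), (20, "b.example")]   # MX(A) = (10,A), (20,B)
OPTION_2 = [(10, "b.example"), (20, "c.example")]      # MXs point only at relays

if __name__ == "__main__":
    # Seen from relay B in the quoted case: only the MX for A survives pruning.
    print(next_hops("a.example", QUOTED_CASE, "b.example"))
    # Option 2 on B: pruning empties the list, so B falls back to A's address.
    print(next_hops("a.example", OPTION_2, "b.example"))
    # Option 2 on the second relay C: it hands the mail to B, never straight to A.
    print(next_hops("a.example", OPTION_2, "c.example"))
    # An outside sender is not an MX target, so it tries B and then C.
    print(next_hops("a.example", OPTION_2, "x.example"))
```

Calling `next_hops` with `fallback_to_a=False` on relay B reproduces the configuration error that option 3 has to work around.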