Path: utzoo!utgpu!news-server.csri.toronto.edu!mailrus!ames!haven!decuac!e2big.mko.dec.com!bacchus.pa.dec.com!decwrl!wuarchive!zaphod.mps.ohio-state.edu!uwm.edu!ux1.cso.uiuc.edu!cs.niu.edu!rickert From: rickert@mp.cs.niu.edu (Neil Rickert) Newsgroups: comp.mail.sendmail Subject: Proper handling of MX records Message-ID: <1990Aug10.192705.8072@mp.cs.niu.edu> Date: 10 Aug 90 19:27:05 GMT Sender: rickert@mp.cs.niu.edu (Neil Rickert) Organization: Northern Illinois University Lines: 59 There seem to be some problems with the handling of MX records in sendmail. My references are to sendmail-5.64. Both the standard version and the IDA version have this problem. But the problem is really with the correct interpretation of MX records. Suppose my domain name is: MY.DOMAIN and my machine name is ME.MY.DOMAIN. Further, and suppose there is a wild card MX record in the domain database - * IN MX 10 ME.MY.DOMAIN Suppose now that I wish to send mail to person@YOU.YOUR.DOMAIN. Sendmail looks up the domain database. It discovers the MX record, and returns ME.MY.DOMAIN for the FQDN of YOU.YOUR.DOMAIN.MY.DOMAIN. Sendmail then discards the record, since the preference is for the local host, and then instead searches for an A record. (Or more accurately, that is the current design intent. Due to a bug we are investigating it does not always do this). -------------------- The effect is this: I can send mail to YOU.YOUR.DOMAIN provided you are directly on Internet. But if your address is an MX only address, sendmail is incapable of sending you mail - at least in the presence of wild card MX records in my domain. Here are some possible solutions: (a) Don't use MX records. (Clearly not acceptable). (b) If the the domain contains periods (as in YOU.YOUR.DOMAIN), sendmail should treat the name as fully qualified, and not allow qualification in the local domain. This means it is up to sendmail.cf to ensure that the domain is fully qualified before the TCP (or ether or ddn mailer, depending on your version) is selected. I suspect this would break some existing versions of sendmail.cf. (c) If the MX lookup fails (due to best preference being local), then before looking up the A type address, try a second time to find an MX record, but this time don't allow qualification in the local domain. This may be the most satisfactory. But it does mean that another local machine ANOTHER.MY.DOMAIN, in sending mail to YOU.YOUR.DOMAIN will qualify the name as local, matching the wildcard, and forward it to ME.MY.DOMAIN. Then ME.MY.DOMAIN having the best preference for the wildcard will fail to find the MX record, and do the second MX search assuming fully qualified. In other words there will be additional hops in the mail delivery which should not have been necessary. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Sci Dept, Northern Illinois U., DeKalb IL 60115 InterNet, unix: rickert@cs.niu.edu Bitnet, VM: T90NWR1@NIUCS