David F. Skoll wrote: > You can use other rules to rewrite internal domains. I think > confDONT_EXPAND_CNAMES should be the default.
Kees Theunissen wrote: >Notwithstanding the above, you probably shouldn't rewrite those >addresses. I agree. We probably should not rewrite that domain. To be honest it is more a political issue where two top level managers from the two companies are butting heads pointing fingers to each other. The externel companies manager insists that they are RFC complient and they don't care if an estimate of around 30% of servers might rewrite their sending domain - since they are are RFC complient and the other companies are not. They reject e-mail that is sent to their real domain - so they do loose e-mail. In theory they are right, but it practice I personally feel they should compensate. On our side the manager does not want to change our config to not rewrite their address since he believes they should modify their DNS to be "world compatible". In practice he is probably right, but again IMHO I believe we should compensate. I don't think the issue will get resolved unless I get a RFC prohibiting their DNS setup, but I believe thats fighting a loosing battle. Thanks for all the inputs from everyone. It's appreciated. As a last comment (and for interest sake) the following issue is raised by RFC 1034, but I don't think it is clear en enough to force a change on their DNS config. While the use of CNAME RRs with MX records is implemented and generates a working configuration it is theoretically not permitted (RFC 1034 section 3.6.2) since it can result in lost names (if the config is not correct). Here is a technically invalid configutation. domain.com IN MX 10 mail.domain.com. mail.domain.com IN CNAME server1.domain.com server1.domain.com IN A 192.168.1.1 If I issue a query for the A RR of mail.domain.com the result will return both the CNAME RR (mail.domain.com) and the A RR (server1.domain.com). When we however use the A RR (server1.domain.com) the name associated with the CNAME will be lost, that is, there is a valid MX record referencing the host mail.domain.com and an A RR referencing server1.domain.com but nothing joins the two records. RFC 1034 states: "If a CNAME RR is present at a node, no other data should be present; this ensures that the data for a canonical name and its aliases cannot be different.". So we can modify the above configuration to ensure we can join the CNAME and MX records as follows: domain.com IN MX 10 mail.domain.com. server1.domain.com IN CNAME mail.domain.com. mail.domain.com IN A 192.168.1.1 The above configuration will work perfectly since a valid mapping of the MX name to the A RR name is made. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
