Andy Hall

On Mon, 21 Mar 2005 12:09:27 +0000, Andy Wade wrote:

> Stefek Zaba wrote:
>
>> [...] The MX entries each come with a "priority", lowest number being
>> "best", i.e. most appropriate; the sender tries to establish contact
>> with an SMTP handler on each entry on the list, in priority order,
>
> OK so far...
>
>> unless that priority is "worse" than its own for that domain (this is
>> how we avoid mail routing loops).
>
> ... could you explain that in a bit more depth Stefek - i.e. what do
> you mean by "its own [priority] for that domain?" Do you mean its own
> cached MX record from a previous lookup, or something else? And how
> does this avoid loops?


I'm sure that Stefek will explain his point on this one.

I've run into several areas over the years where mail loops can be
created inadvertently through seemingly innocent DNS configurations.

One way is if you don't watch out for definitions of the MX records
and reference via a CNAME rather than an A record.

This is correct:

; Mail Exchangers
;
                    IN MX 10 primary.you.com.
                    IN MX 20 secondary.you.com.

;
; Canonical names
;
primary.you.com.    IN A 192.168.0.1
secondary.you.com.  IN A 192.168.2.3

This is not:

; Mail Exchangers
;
                    IN MX 10 primary.you.com.
                    IN MX 20 secondary.you.com.
;
; Canonical names
;
primary.you.com.    IN A 192.168.0.1
secondary.you.com.  IN CNAME relay.you.com.

;
; Aliases
;
relay.you.com.      IN A 192.168.2.3


It's also important to be careful with mailer configurations,
especially if you are relaying mail from machine to machine. You can
create loops this way as well.

e.g.
http://www.bb-zone.com/SLGFG/chapter18.html



> The detailed workings of DNS are still a bit of a mystery to me, but I'm
> gradually trying to understand the beast...


One of the best known works on this is the O'Reilly book on DNS and
BIND which has been around for years.

http://www.oreilly.com/catalog/dns4/

I have one of the older editions and have just ordered the latest
which covers new versions, particularly 9.x

This is also a good starting point

http://www.isc.org/index.pl?/sw/bind/



--

..andy

To email, substitute .nospam with .gl
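
Added example, not part of the original post: a small lint over the two zone fragments shown above that reports any MX target defined through a CNAME (RFC 2181 section 10.3 requires the MX target not to be an alias). The owner name you.com. on the MX lines, the simplified record syntax and the function names are assumptions made for the example.

```python
# Constructed sample zones, modelled on the two fragments in the post.
# The MX owner "you.com." is an assumption; the post leaves it implicit.
GOOD_ZONE = """
you.com.            IN MX 10 primary.you.com.
                    IN MX 20 secondary.you.com.
primary.you.com.    IN A 192.168.0.1
secondary.you.com.  IN A 192.168.2.3
"""

BAD_ZONE = """
you.com.            IN MX 10 primary.you.com.
                    IN MX 20 secondary.you.com.
primary.you.com.    IN A 192.168.0.1
secondary.you.com.  IN CNAME relay.you.com.
relay.you.com.      IN A 192.168.2.3
"""

def parse_zone(text):
    """Parse 'owner IN type rdata' lines; a leading blank reuses the last owner."""
    records, owner = [], None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()      # drop ';' comments
        if not line.strip():
            continue
        fields = line.split()
        if not line[0].isspace():                 # explicit owner name
            owner = fields.pop(0).lower()
        if fields[0].upper() == "IN":             # class is optional here
            fields.pop(0)
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def check_mx_targets(text):
    """Return (owner, preference, target, problem) for each bad MX target."""
    records = parse_zone(text)
    aliases = {o: r[0].lower() for o, t, r in records if t == "CNAME"}
    addressed = {o for o, t, _ in records if t in ("A", "AAAA")}
    findings = []
    for owner, rtype, rdata in records:
        if rtype != "MX":
            continue
        pref, target = int(rdata[0]), rdata[1].lower()
        if target in aliases:
            findings.append((owner, pref, target, "CNAME -> " + aliases[target]))
        elif target not in addressed:             # may simply be out of zone
            findings.append((owner, pref, target, "no A/AAAA in this zone"))
    return findings

if __name__ == "__main__":
    print(check_mx_targets(GOOD_ZONE), check_mx_targets(BAD_ZONE))
```

The parser only handles fully qualified names without TTLs, $ORIGIN or multi-line records, which is enough for fragments like the ones in the post.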