In article <gs8ar1$1rg...@sf1.isc.org>, Kevin Darcy <k...@chrysler.com> wrote:
> Even if it were legal to point MX records at aliases, if that alias > points to some dynamic IP, it might be a really bad idea to point your > MX there, since, due to caching, some other client who got your old > dynamic IP address, could then accidentally receive your email for some > period of time, unless you have some sort of crypto authentication. That problem exists even if you don't go through an alias, e.g. foo.com. IN MX 10 foo.dyndns.org. Did you notice that his dynamic A record has a 60-second TTL? Unless he gets lots of mail, I think a one-minute window of vulnerability is reasonably safe. If he has a cable modem service, they typically change IPs very rarely. And the customer who gets your old IP would have to be running a mail server, and configure it to accept mail for your address, for this to cause mis-delivery. > If you can run your web services and mail services on *static* IPs that > would be preferred. Trying to run this kind of stuff on dynamic IPs is > always going to be an uphill battle. Maybe you relish the challenge; > most people just want their stuff to work. Static IPs are typically more expensive than dynamic ones, and that extra expense may not be justified for many people. -- Barry Margolin, bar...@alum.mit.edu Arlington, MA *** PLEASE don't copy me on replies, I'll read them in the group *** _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users