Re: [vox-tech] some people can't send to list
On Sat, Mar 21, 2015 at 08:19:32PM -0700, Rick Moen wrote: Quoting Bill Kendrick (n...@sonic.net): Brian came over, I did the song dance to gain access to the account at domaindiscover aka tierra.net, and we fiddled with things. How's it looking now? Would you consider posting the new zonefile so it can be seen in its entirety? Understandably, the authoritative nameservers don't permit random members of the public to pull those down. Here ya go! $ dig -t axfr lugod.org @NS1.TIERRA.NET ; Transfer failed. $ dig -t axfr lugod.org @NS2.TIERRA.NET ; Transfer failed. $ One fine point: RFC 2182's recommendation is minimum three, maximum seven authoritative nameservers. Two is disrecommended as too thin. The choice of two only might be dictated by your chosen hosting provider, which doesn't make this error any smarter, but does make it more difficult to overcome. (Shortchanging redundancy is sadly common among ISPs.) Personally, I use mutual nameservice with other technical people -- and I do follow my own advice, too: $ whois linuxmafia.com | grep '^Name Server: ' | wc -l 5 $ Anyone want to help us with this? :) -- -bill! Sent from my computer $TTL 3600 @ IN SOA ns1.domaindiscover.com. hostmaster.tierra.net. ( 2015032103 ; Serial 7200; Refresh 1800; Retry 604800 ; Expire 28800 ) ; Minimum @ 3600NS ns1.domaindiscover.com. @ 3600NS ns2.domaindiscover.com. www 3600A 173.13.165.50 lists 3600MX 10 www.lugod.org. lists 3600A 173.13.165.50 @ 3600A 173.13.165.50 @ 3600MX 10 www.lugod.org. @ 3600TXT v=spf1 a mx -all @ 3600TXT Linux Users Group of Davis ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Quoting Bill Kendrick (n...@sonic.net): Here ya go! First of all, really good job! It's legible, clear, and nothing stands out immediately as 'should be fixed.' Looks like an exemplary professional job. I'm used to seeing ones that make my eyeballs ache and the ghost of Jon Postel weep. ;- Unpacking my 'If one is being picky' criteria, hmmm Three things total. o Already mentioned the RFC2182 section 5 suggestion of min. 3 nameservers. 604800 ; Expire o RFC1912 suggests an Expire value between 1209600 (14 days) and 2419200 (28 days). Unless you have an unusual reason to make cached zones expire in only 7 days, you might want to at least double zone life. (I tend to be old-school and express all time values in seconds, too, but an argument can be made that using zonefile macros for minutes, hours, days, weeks improves legibility. I'd be a hypocrite if I dinged anyone for eschewing that syntactic-sugar improvement, because I haven't started using it, either. ;- ) o No glue records in the parent .COM zone for the two authoritative nameservers, with the result that both are 'stealth nameservers'. The consequence of having stealth nameservers is that the situation can be confusing and can cause delays or other hard to diagnose inconsistencies. Basically, there should be NS lines with corresponding A records _within_ the nameserver records of the .COM domain (called 'glue records') for ns1.domaindiscover.com and ns2.domaindiscover.com. This isn't LUGOD's fault. Tierra.net d/b/a Domaindiscover has its glue records slightly fux0red. (I remember this. They've been doing this for a long time. I used to have my domains registered there, and liked them, but never used their nameserers.) Here are .com's own nameservers: $ dig -t ns com. +short e.gtld-servers.net. g.gtld-servers.net. k.gtld-servers.net. c.gtld-servers.net. j.gtld-servers.net. i.gtld-servers.net. h.gtld-servers.net. a.gtld-servers.net. l.gtld-servers.net. d.gtld-servers.net. m.gtld-servers.net. f.gtld-servers.net. b.gtld-servers.net. $ Let's ask the first of them about ns1.domaindiscover.com: $ dig -t ns ns1.domaindiscover.com @e.gtld-servers.net. ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 34213 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2 ;; WARNING: recursion requested but not available ;; AUTHORITY SECTION: domaindiscover.com. 172800 IN NS ns1.tierra.net. domaindiscover.com. 172800 IN NS ns2.tierra.net. ;; ADDITIONAL SECTION: ns1.tierra.net. 172800 IN A 216.104.162.2 ns2.tierra.net. 172800 IN A 216.104.163.2 $ So, you see, the parent .com zone completely lacks NS and matching A records for ns1.domaindiscover.com. ns2 is likewise, so I'll not waste space showing that. If you want, you can fix this problem by changing your auth nameserver references in both your domain registrar record and inline in your own zonefile, to use ns1.tierra.net and ns2.tierra.net instead of ns1.domaindiscover.com and ns2.domaindiscover.com. Anyone want to help us with this? :) Someone(s) with ongoing LUGOD involvement would be best. Please talk to me offlist if you can't find same. Anyway, truly excellent zonefile. The only half-serious issue is the one your registrar imposed on you, and that's doing very well. ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Quoting Alex Mandel (tech_...@wildintellect.com): If you're seeing this on the list then I think it's fixed. To make sure I'm clear: I'm volunteering to look through the entire zonefile and make polite suggestions (no obligation) as to anything LUGOD might choose to improve. I've done a lot of DNS profesionally for a long time, FWIW. -- Cheers, I'm ashamed at how often I use a thesaurus. I mean bashful. Rick Moen Embarrassed! Wait--humiliated. Repentant. Chagrined! Sh*t! r...@linuxmafia.com-- @cinemasins McQ! (4x80) ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Great to see Lugod lists once again accessible. :) On Sat, Mar 21, 2015 at 10:54:32PM -0700, Alex Mandel wrote: If you're seeing this on the list then I think it's fixed. -Alex On 03/21/2015 05:29 PM, Brian E. Lavender wrote: Echo! On Sat, Mar 21, 2015 at 04:58:33PM -0700, Bill Kendrick wrote: Brian came over, I did the song dance to gain access to the account at domaindiscover aka tierra.net, and we fiddled with things. How's it looking now? (5:07pm pacific today will be approx 1hr after the settings were chaged, FYI) -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Brian came over, I did the song dance to gain access to the account at domaindiscover aka tierra.net, and we fiddled with things. How's it looking now? (5:07pm pacific today will be approx 1hr after the settings were chaged, FYI) -bill! On Mon, Mar 16, 2015 at 11:56:21PM -0700, Wes Hardaker wrote: Bill Kendrick n...@sonic.net writes: On Mon, Feb 23, 2015 at 11:24:10AM -0800, Rod Roark wrote: On 02/23/2015 11:20 AM, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian Dunno who's administering the lugod.org domain, but whoever that is should be able to fix it. That'd be me. Thx for looking into it folks, I'll try to figure it out next time I'm on my home laptop (which has all the creds to get into things). Hiya. DNS geek here. Things are still technically incorrect as currently deployed. You aren't supposed to have a name after a service referral (in this case an MX) that is itself a CNAME referral. This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 :-) -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://pontifications.hardakers.net/ ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech -- -bill! Sent from my computer ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Quoting Bill Kendrick (n...@sonic.net): Brian came over, I did the song dance to gain access to the account at domaindiscover aka tierra.net, and we fiddled with things. How's it looking now? Would you consider posting the new zonefile so it can be seen in its entirety? Understandably, the authoritative nameservers don't permit random members of the public to pull those down. $ dig -t axfr lugod.org @NS1.TIERRA.NET ; Transfer failed. $ dig -t axfr lugod.org @NS2.TIERRA.NET ; Transfer failed. $ One fine point: RFC 2182's recommendation is minimum three, maximum seven authoritative nameservers. Two is disrecommended as too thin. The choice of two only might be dictated by your chosen hosting provider, which doesn't make this error any smarter, but does make it more difficult to overcome. (Shortchanging redundancy is sadly common among ISPs.) Personally, I use mutual nameservice with other technical people -- and I do follow my own advice, too: $ whois linuxmafia.com | grep '^Name Server: ' | wc -l 5 $ ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Echo! On Sat, Mar 21, 2015 at 04:58:33PM -0700, Bill Kendrick wrote: Brian came over, I did the song dance to gain access to the account at domaindiscover aka tierra.net, and we fiddled with things. How's it looking now? (5:07pm pacific today will be approx 1hr after the settings were chaged, FYI) -bill! On Mon, Mar 16, 2015 at 11:56:21PM -0700, Wes Hardaker wrote: Bill Kendrick n...@sonic.net writes: On Mon, Feb 23, 2015 at 11:24:10AM -0800, Rod Roark wrote: On 02/23/2015 11:20 AM, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian Dunno who's administering the lugod.org domain, but whoever that is should be able to fix it. That'd be me. Thx for looking into it folks, I'll try to figure it out next time I'm on my home laptop (which has all the creds to get into things). Hiya. DNS geek here. Things are still technically incorrect as currently deployed. You aren't supposed to have a name after a service referral (in this case an MX) that is itself a CNAME referral. This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 :-) -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://pontifications.hardakers.net/ ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech -- -bill! Sent from my computer ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
If you're seeing this on the list then I think it's fixed. -Alex On 03/21/2015 05:29 PM, Brian E. Lavender wrote: Echo! On Sat, Mar 21, 2015 at 04:58:33PM -0700, Bill Kendrick wrote: Brian came over, I did the song dance to gain access to the account at domaindiscover aka tierra.net, and we fiddled with things. How's it looking now? (5:07pm pacific today will be approx 1hr after the settings were chaged, FYI) -bill! On Mon, Mar 16, 2015 at 11:56:21PM -0700, Wes Hardaker wrote: Bill Kendrick n...@sonic.net writes: On Mon, Feb 23, 2015 at 11:24:10AM -0800, Rod Roark wrote: On 02/23/2015 11:20 AM, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian Dunno who's administering the lugod.org domain, but whoever that is should be able to fix it. That'd be me. Thx for looking into it folks, I'll try to figure it out next time I'm on my home laptop (which has all the creds to get into things). Hiya. DNS geek here. Things are still technically incorrect as currently deployed. You aren't supposed to have a name after a service referral (in this case an MX) that is itself a CNAME referral. This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 :-) -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://pontifications.hardakers.net/ ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech -- -bill! Sent from my computer ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Trying to push Bill to get the password so that we can fix this... Apparently, the dns is hosted at same as the registrar. brian On Mon, Mar 16, 2015 at 11:56:21PM -0700, Wes Hardaker wrote: Bill Kendrick n...@sonic.net writes: On Mon, Feb 23, 2015 at 11:24:10AM -0800, Rod Roark wrote: On 02/23/2015 11:20 AM, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian Dunno who's administering the lugod.org domain, but whoever that is should be able to fix it. That'd be me. Thx for looking into it folks, I'll try to figure it out next time I'm on my home laptop (which has all the creds to get into things). Hiya. DNS geek here. Things are still technically incorrect as currently deployed. You aren't supposed to have a name after a service referral (in this case an MX) that is itself a CNAME referral. This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 :-) -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://pontifications.hardakers.net/ ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Bill Kendrick n...@sonic.net writes: On Mon, Feb 23, 2015 at 11:24:10AM -0800, Rod Roark wrote: On 02/23/2015 11:20 AM, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian Dunno who's administering the lugod.org domain, but whoever that is should be able to fix it. That'd be me. Thx for looking into it folks, I'll try to figure it out next time I'm on my home laptop (which has all the creds to get into things). Hiya. DNS geek here. Things are still technically incorrect as currently deployed. You aren't supposed to have a name after a service referral (in this case an MX) that is itself a CNAME referral. This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 :-) -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://pontifications.hardakers.net/ ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
On Tue, Mar 17, 2015 at 05:41:32PM -0700, Tony Cratz wrote: On 03/16/2015 11:56 PM, Wes Hardaker wrote: This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 In all the years of be being a Sys. Admin., this issue has been very high on the problem list. I have gotten to the point where I refuse to ever use a CNAME. I wish that CNAME was never invented. Tony Yeah, but honestly why is it a problem anyway? Sure it allows creating DNS loops and other weird stuff, but it can also be useful (like a lot of things that can make loops). It is possible with a sophisticated DNS service like Amazon Route53 to resolve the equivalent sort of logic internally and spit out an A record in response to the first request, and still allow geo or other load balancing. At my work we use Route53, and it lets us also chain CNAMEs if we choose. The benefit of that I think is it makes it easier for the client to see how the logic is working. I can see both sides here, but why should this be a rule? -Nick ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
On 03/16/2015 11:56 PM, Wes Hardaker wrote: This is fine: # dig lugod.org mx ;; ANSWER SECTION: lugod.org. 3600IN MX 10 www.lugod.org. This is not: # dig www.lugod.org. ;; ANSWER SECTION: www.lugod.org. 3600IN CNAME lugod.org. lugod.org. 3600IN A 173.13.165.50 *some* (most) DNS resolution software lets you get away with that, but it's not legal according to the DNS RFCs and shouldn't be done. The right thing to do would be to replace the MX record so it looked like this: lugod.org. 3600IN MX 10 lugod.org. Which would then work. Though, the best thing to do is actually create a new host record: lugod.org. 3600IN MX 10 mail.lugod.org. mail.lugod.org. 3600IN A 173.13.165.50 In all the years of be being a Sys. Admin., this issue has been very high on the problem list. I have gotten to the point where I refuse to ever use a CNAME. I wish that CNAME was never invented. Tony ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Quoting Nick Schmalenberger (n...@schmalenberger.us): Yeah, but honestly why is it a problem anyway? Sure it allows creating DNS loops and other weird stuff, but it can also be useful (like a lot of things that can make loops). Be sure to use numerous long chains of symlinks in your filesystems, too, and report back in a few years. Hey, what harm can a bunch of indirect reference do? ;- -- Cheers, Atque memento, nulli adsunt Romanorum Rick Moen qui locutionem tuam corrigant. r...@linuxmafia.com McQ! (4x80) ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
On 02/23/2015 11:20 AM, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian Dunno who's administering the lugod.org domain, but whoever that is should be able to fix it. Rod ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
[vox-tech] some people can't send to list
Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Well, I received your message at least! On Mon, 23 Feb 2015, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Quoting Brian E. Lavender (br...@brie.com): Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? That is known to be a common problem. I hear there are a number of MTAs that refuse to deliver to RFC-noncompliant sites. People relatively new to maintaining DNS zonefiles tend to drastically overuse CNAMEs, I notice. My own recommendation is to _never_ use a CNAME for any use-case in which an A record will do the job -- because an 'A' record will never get you into trouble in exactly the situations where a CNAME can (MX and NS records), and because overuse of CNAMEs tends over time to create a tangle of indirect reference. That tangle can then lead to further problems, like removing an 'A' record but forgetting to hunt down and repoint the CNAMEs resolving to it. There is exactly one use-case that actually requires a CNAME: pointer to an 'A' record in a different DNS zone. I personally use them for that function _only_, and nowhere else. Some readers may be thinking 'But the advantage of my CNAMEs is that I only need to update an IP in one place. Using A records instead, I'll have to update the same IP in lots of places.' Correct -- but smart people use sed (or equivalent). Which means it's the same action to update an IP in hundreds of lines as on one line. Avoiding CNAMEs where such are not necessary also eliminates multiple DNS lookups. In that sense, unnecessary CNAMEs are like unnecesary symlinks. -- This message falsely claims to have been scanned for viruses with F-Secure Anti-Virus for Microsoft Exchange and to have been found clean. ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech
Re: [vox-tech] some people can't send to list
Consider me a proxy for the person having the problem. On Mon, Feb 23, 2015 at 11:51:45AM -0800, Chris Jenks wrote: Well, I received your message at least! On Mon, 23 Feb 2015, Brian E. Lavender wrote: Hey, so word is that some can't send email to the lugod lists because the mailserver the MX record is a CNAME rather than an A record? brian -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech -- Brian Lavender http://www.brie.com/brian/ There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies. Professor C. A. R. Hoare The 1980 Turing award lecture ___ vox-tech mailing list vox-tech@lists.lugod.org http://lists.lugod.org/mailman/listinfo/vox-tech