On 5/12/11 5:09 PM, Sam Clippinger wrote:
> In a nutshell, some administrators (groupon.com) have created DNS
> records that are technically legal but logically stupid and they
> tickle a small bug in spamdyke.

It's legal and desirable!  A FQDN may resolve to an IP address, but the 
machine that the IP address points to does NOT handle inbound mail for 
that FQDN.  You absolutely need an A record *and* an MX record for that 
FQDN.

For example, I have panoptic.com configured with IN A 96.56.31.42, and 
IN MX mx1.panoptic.com.  mx1.panoptic.com IN A 96.56.31.42, but if I 
ever want to redirect inbound mail, I can do so by simply changing the 
IN A record for mx1.panoptic.com to point to a different IP.

This is very common - gmail.com is set up similarly (with both A and MX 
records).  It's pretty much the standard pattern for DNS configuration.

Now, I can even define an MX record for mx1.panoptic.com, so if someone 
(for some foolish reason) wants to send mail to 
usern...@mx1.panoptic.com, I can have it routed *elsewhere* and not 
actually delivered to the IP of mx1.panoptic.com itself.  This is an 
unlikely scenario, but one that certainly has very legitimate use cases, 
such as third-party email providers.  This isn't "logically stupid" at 
all - it's exactly this kind of flexibility in the DNS design that makes 
outsourced email delivery separate from outsourced email reception possible.

-- 
Dossy Shiobara         |      "He realized the fastest way to change
do...@panoptic.com     |   is to laugh at your own folly -- then you
http://panoptic.com/   |   can let go and quickly move on." (p. 70)
   * WordPress * jQuery * MySQL * Security * Business Continuity *

_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
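
Added example, not part of the original message and not spamdyke code: a minimal sketch of how a sending MTA picks delivery hosts under RFC 5321 section 5.1, run against a constructed zone. The panoptic.com A and MX records are the ones given in the message; the MX on mx1.panoptic.com, the example.net and example.org hosts, their addresses and the function names are assumptions made for illustration.

```python
# Constructed zone data. The panoptic.com records come from the message above;
# the MX on mx1.panoptic.com and the example.net/example.org hosts are hypothetical.
ZONE = {
    ("panoptic.com", "A"): ["96.56.31.42"],
    ("panoptic.com", "MX"): [(10, "mx1.panoptic.com")],
    ("mx1.panoptic.com", "A"): ["96.56.31.42"],
    ("mx1.panoptic.com", "MX"): [(10, "inbound.example.net")],
    ("inbound.example.net", "A"): ["192.0.2.25"],
    ("www.example.org", "A"): ["198.51.100.7"],
}


def lookup(name, rtype, zone=ZONE):
    """Stand-in for a DNS query against the constructed zone."""
    return zone.get((name.lower().rstrip("."), rtype), [])


def mail_targets(domain, zone=ZONE):
    """Return [(preference, host, [ips])] for mail addressed to @domain.

    RFC 5321 section 5.1: if any MX record exists, only the MX hosts are
    used and the domain's own A record is ignored. The A record serves as
    an implicit MX (preference 0) only when no MX record exists. MX targets
    are resolved by address lookup only, never by following their own MX.
    """
    mx = sorted(lookup(domain, "MX", zone))
    if not mx:
        ips = lookup(domain, "A", zone)
        return [(0, domain, ips)] if ips else []
    return [(pref, host, lookup(host, "A", zone)) for pref, host in mx]


if __name__ == "__main__":
    for name in ("panoptic.com", "mx1.panoptic.com", "www.example.org"):
        print(name, "->", mail_targets(name))
```

A filter that validates a sender domain has to treat a name carrying both A and MX records as the normal case and consult the MX set first, which is the configuration the message describes.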
