Was this ultimately an Akamai issue? Anyone else seeing DNS issues today? -----Original Message----- From: Adam Debus [mailto:nanog@delsol.net] Sent: Thursday, April 03, 2003 3:40 PM To: nanog@merit.edu Subject: Re: Foxnews / MSNBC Thanks everyone for your responses! Thanks, Adam Debus Linux Certified Professional, Linux Certified Administrator #447641 Network Administrator, ReachONE Internet adam@reachone.com
Brennan_Murphy@NAI.com wrote:
Was this ultimately an Akamai issue?
I had a hard time getting to "Fox News" Today, as well..... :) .Richard. [This was actually just a posting test, please ignore... :) ] http://www.pravda.ru/
Anyone else seeing DNS issues today?
Please forgive if this has been discussed, beaten, or decided previously here on the list. A recent issue I encountered has prompted me to ask the following question. What I am looking for is clarification regarding the "proper" way of implementing Mail Exchange records, etc. I have always been under the impression (or taught at least) that an MX record was necessary (required) for mail exchange. I at least believed that this was the correct way. Recently, we implemented a new mail server at our facility and started having some issues relaying mail to a few domains. Although this has already been resolved, I was under the impression that these two domains where the actual problem since I could not resolve an MX record for either one. Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead. Is this acceptable (in a "best case scenario") as a correct method? Obviously some admins I have encountered are starting to host mailservers for sub-domains and domains without MX entries on their DNS zone records. Relying on the A record alone. Gerardo A. Gregory
On Thu, 03 Apr 2003 15:58:53 CST, Gerardo Gregory said:
I have always been under the impression (or taught at least) that an MX record was necessary (required) for mail exchange. I at least believed that this was the correct way. Recently, we implemented a new mail server at our
It's the preferred way, but not required. Then there's those bozo sites (mostly spammers) that ignore MX and go directly to the A record value.. Blegga...
In message <courier.3E8CAE9D.00002141@affinitas.org>, "Gerardo Gregory" writes:
Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead.
That's indeed what the standard says. I put it into RFC 973 after consulting with Jon Postel about preferred ways to ensure robust delivery. Craig
On Thu, Apr 03, 2003 at 03:58:53PM -0600, Gerardo Gregory wrote:
A recent issue I encountered has prompted me to ask the following question. What I am looking for is clarification regarding the "proper" way of implementing Mail Exchange records, etc.
I have always been under the impression (or taught at least) that an MX record was necessary (required) for mail exchange. I at least believed that this was the correct way. Recently, we implemented a new mail server at our facility and started having some issues relaying mail to a few domains. Although this has already been resolved, I was under the impression that these two domains where the actual problem since I could not resolve an MX record for either one.
Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead.
An MX record is good practice, but is not required or necessary. If an MX record exists, the MX record must be used; otherwise mail will be delivered to the host to which the A record points. -- The Pope has said this war is wrong, that it is a Sin. The Pope! But even worse, the Dixie Chicks have now come out against you! How bad does it have to get before you realize that you are an army of one on this war? - Michael Moore
Gerardo Gregory wrote: <snip>
Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead.
Once upon a time that was near all Micr0$loth did...
Is this acceptable (in a "best case scenario") as a correct method?
It isn't exactly completely RFC compliant, but, it is only a -=Request=-, eh ? But, FWIW, since when is a system =-without-= proper fall backs, a "best case scenario" ?
Obviously some admins I have encountered are starting to host mailservers for sub-domains and domains without MX entries on their DNS zone records. Relying on the A record alone.
Lemmings make a mad dash towards a cliff, every so often, en masse.... * shrug * Go figure. :P
Gerardo A. Gregory
:)
I greatly appreciate to all who responded to this post (on and off list), and those who provided reference RFC's. Thanks, Gerardo A. Gregory
On Thu, Apr 03, 2003 at 05:25:35PM -0500, Richard Irving wrote:
It isn't exactly completely RFC compliant, but, it is only a -=Request=-, eh ?
It is in fact required that an MTA fall back to the A record for a domain if an MX record does not exist. See RFC 2821, Section 5, "Address Resolution and Mail Handling".
Obviously some admins I have encountered are starting to host mailservers for sub-domains and domains without MX entries on their DNS zone records. Relying on the A record alone.
Lemmings make a mad dash towards a cliff, every so often, en masse....
This is a fallacy perpetrated by Disney. http://www.snopes.com/disney/films/lemmings.htm --Adam
Adam McKenna wrote:
On Thu, Apr 03, 2003 at 05:25:35PM -0500, Richard Irving wrote:
It isn't exactly completely RFC compliant, but, it is only a -=Request=-, eh ?
It is in fact required that an MTA fall back to the A record for a domain if an MX record does not exist. See RFC 2821, Section 5, "Address Resolution and Mail Handling".
Agreed, but nothing -requires- an MTA Agent have an MX record, in the first place.... it is just a best CBP. Not having one means you don't comply with ALL the RFC, but you are still RFC compliant. Not the same thing, FWIW.
Obviously some admins I have encountered are starting to host mailservers for sub-domains and domains without MX entries on their DNS zone records. Relying on the A record alone.
Lemmings make a mad dash towards a cliff, every so often, en masse....
This is a fallacy perpetrated by Disney.
No, that they are committing suicide is a fallacy. That they jump up and begin migrating to lower population density regions is fact... and they "just happen" to suicide in the process. But, heck, ignore this one citation, and reference recent notions that war is possibly "programmed into our gene's".... similar concept. Similar irrational mass behavior. Remember American Prohibition ? (aka: 21'st Amendment) rode in on the idea that Absinth was "Evil Incarnate", and yes, "the young were being lead to Hell itself....Damned!" They were drinking Absinth, listening to no less than the Devil's -=Own=- Music! Imagine that, kids listening to Devil Music! (Ozzie, where are you ? "War Pigs" comes to mind...) Yes, Kids listening to "Devil Music" ! A cry not unheard among the generations, and perhaps one you have even heard yourself..... Of course, helping to put it into context of those times, as opposed to your (probably) more recent context: Do you -=still=- concur that JAZZ is the Devil's music ? So, it was irrational behavior of the Masses, eh ? * shrug * Like I said, Lemmings ever so often jump up, and make a mad dash......
However, I feel that perhaps this discussion does NOT belong on NANOG..... head to Nanog off topic, if you would like to continue the discussion.... ;)
--Adam
On Fri, Apr 04, 2003 at 04:04:54PM -0500, Richard Irving wrote:
Agreed, but nothing -requires- an MTA Agent have an MX record, in the first place.... it is just a best CBP. Not having one means you don't comply with ALL the RFC, but you are still RFC compliant. Not the same thing, FWIW.
Yes, my point was that hosts that insist on an MX record being present are not RFC-compliant.
Lemmings make a mad dash towards a cliff, every so often, en masse....
This is a fallacy perpetrated by Disney.
No, that they are committing suicide is a fallacy. That they jump up and begin migrating to lower population density regions is fact... and they "just happen" to suicide in the process.
Both are fallacies. They neither commit suicide nor jump off cliffs en masse. But as you demonstrated in the rest of your post, this is getting off topic... --Adam
At 03:58 PM 4/3/2003 -0600, Gerardo Gregory wrote:
Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead.
This is always the case. MX records are only required if you want to have more than one mail exchange servers to serve your domain, e.g. if you want to have a secondary mail server as a relay if the primary server goes down. If you only have one mail exchange server to serve your domain, you don't need MX records. An A record pointing to your mail server is sufficient. -ip-
In message <5.1.0.14.2.20030404101142.02a2b670@indra.webvis.net>, Indra PRAMANA writes:
If you only have one mail exchange server to serve your domain, you don't need MX records. An A record pointing to your mail server is sufficient.
I think what you meant was that an A record for your domain name is sufficient. Recall, A records don't point to anything -- they simply provide the address. Craig
At 09:07 PM 4/3/2003 -0500, Craig Partridge wrote:
If you only have one mail exchange server to serve your domain, you don't need MX records. An A record pointing to your mail server is sufficient.
I think what you meant was that an A record for your domain name is sufficient.
Yes, that's what I meant.
Recall, A records don't point to anything -- they simply provide the address.
Thanks for the correction. -ip-
MX records are only required if you want to have more than one mail exchange servers to serve your domain, e.g. if you want to have a secondary mail server as a relay if the primary server goes down.
actually, i suspect the more common use is that one has a collector server for a lot of local infrastructure, as in @ A 666.42.7.11 foo A 666.42.7.12 MX 0 @ bar A 666.42.7.13 MX 0 @ randy
There is one other situation where you need an MX record. If your domain is foo.com and the A record for foo.com is _NOT_ the machine that accepts mail for foo.com, you need an MX record pointing to the correct machine. Often this will be mail.foo.com or smtp.foo.com. Owen --On Friday, April 4, 2003 10:13 AM +0800 Indra PRAMANA <indra@indra.webvis.net> wrote:
At 03:58 PM 4/3/2003 -0600, Gerardo Gregory wrote:
Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead.
This is always the case. MX records are only required if you want to have more than one mail exchange servers to serve your domain, e.g. if you want to have a secondary mail server as a relay if the primary server goes down.
If you only have one mail exchange server to serve your domain, you don't need MX records. An A record pointing to your mail server is sufficient.
-ip-
At the risk of drifting off topic and draging this on more than I should: On Fri, 4 Apr 2003, Owen DeLong wrote:
There is one other situation where you need an MX record. If your domain is foo.com and the A record for foo.com is _NOT_ the machine that accepts mail for foo.com, you need an MX record pointing to the correct machine. Often this will be mail.foo.com or smtp.foo.com.
Owen
Yes, a very common example of this would be people who use foo.com as the website address and that machine is not capable of accepting mail. I will not comment on this practice, because I might be flamed to a crisp and I left my asbestos underpants at home. :)
--On Friday, April 4, 2003 10:13 AM +0800 Indra PRAMANA <indra@indra.webvis.net> wrote:
At 03:58 PM 4/3/2003 -0600, Gerardo Gregory wrote:
Since then I have learned that some MTA's will look for an A record if it cannot find an MX record and use the A record instead.
This is always the case. MX records are only required if you want to have more than one mail exchange servers to serve your domain, e.g. if you want to have a secondary mail server as a relay if the primary server goes down.
If you only have one mail exchange server to serve your domain, you don't need MX records. An A record pointing to your mail server is sufficient.
-ip-
+--------------------------------------------------------------------------+ | Michael Moscovitch CiteNet Telecom Inc. | | michaelm@citenet.net Tel: (514) 861-5050 | +--------------------------------------------------------------------------+
participants (12)
-
Adam McKenna
-
Brennan_Murphy@NAI.com
-
Craig Partridge
-
Gerardo A. Gregory
-
Gerardo Gregory
-
Indra PRAMANA
-
Michael Moscovitch
-
Owen DeLong
-
Randy Bush
-
Richard Irving
-
Valdis.Kletnieks@vt.edu
-
william+nanog@hq.dreamhost.com