Wildcards in MX Record Domain Names

[Joseph S D Yao]

On Wed, Dec 15, 1999 at 07:44:46PM -0500, Kevin Darcy wrote:
> Joseph S D Yao wrote:
> 
> > On Fri, Dec 10, 1999 at 11:16:40AM -0500, Robert Setterlund wrote:
> > > Are the below MX records supported in Bind 8.X?
> > >
> > > *.org   IN   MX   10   firewallrelay.mayo.org
> > > *.gov   IN   MX   10   firewallrelay.mayo.org
> > > *.        IN   MX    10  firewallrelay.mayo.org
> >
> > Yes.  But this is probably not the right way of doing this.  You should
> > really put a relay host into your sendmail.cf file, to send all
> > non-local e-mail to your firewall.
> 
> Why? Is it easier to custom-configure dozens or hundreds of sendmail.cf's
> than it is one master file on an internal root server? ...

This response assumes that in a network it is easier to configure DNS
properly all over than it is to configure sendmail all over.  Mine
assumed the opposite.  Different experiences.

Both have the same goal: to get the internal mail servers to send
"non-local" [for some definition of "non-local"] e-mail to the firewall
for relaying to the Big Bad Internet.

The "better" one would be whichever one better fits the "truth".  It's
always easier to maintain a consistent story if you're telling the
truth.  ;-)  And, "Say What You Mean" is Joe's First Law of Software
Engineering.  My first impression was that the MX trick, above, violated
this.  But within its domain, as Kevin has pointed out, it does NOT.  It
is true.

I will continue to use my sendmail configuration, since it suits my
needs better.  [Everybody thinks they can meddle with DNS at their whim.
Everybody is afraid to touch sendmail.cf.  ;-)]  I do note that one
advantage to the MX solution is that one can specify failover firewalls
with that, but not with the sendmail relay.

-- 
Joe Yao				jsdy at cospo.osis.gov - Joseph S. D. Yao
COSPO/OSIS Computer Support					EMT-B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.