Reverse lookup mx records and cnames
David Botham
DBotham at OptimusSolutions.com
Tue May 10 15:26:57 UTC 2005
bind-users-bounce at isc.org wrote on 05/10/2005 04:28:25 AM:
> Hello.
> I'm not sure what to do.
>
> I have lots of servers which have a record such as
> mail.customerdomain IN A 10.1.1.1
> The MX record for each domain is something like
> customerdomain IN MX mail.customerdomain
The above RR should have a preference after the MX:
customerdomain IN MX 10 mail.customerdomain
>
> This works fine, but you can get a listing of all customers by doing a
> reverse lookup on 10.1.1.1, which is our mail server. This isn't good.
>
> I've thought of two ways to fix this:
> 1. Use a CNAME for the MX record to point to our mail server.
> This isn't allowed or recommended.
> 2. Hack the reverse zone to only return our mail server name.
> This is a hack.
>
> Can anyone offer me any advice?
Yes, in each zone file for your customers make the MX RR look like this:
customerdomain.com. IN MX 10 smtp.providerdomain.com.
In the zone file for providerdomain.com (your domain), have the following
entry:
smtp.providerdomain.com. A 10.1.1.1
In the 1.1.10.in-addr.arpa zone put the following RR:
1 PTR smtp.providerdomain.com.
The only one to see MX RRs is the remote mail server. There is no vanity
/ name brand recognition value in having an MX RR with your domain name in
it.
hth,
Dave...
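
An added example, not part of the original message or of BIND: a small Python check that compares the layout described in the question with the one suggested in the reply. It flags MX records without a preference, customer-named MX targets on the shared address, and multiple PTR names for that address. The zone data and the `.example` names are constructed, and `parse` and `audit` are hypothetical helpers that handle only fully qualified one-line records.

```python
import ipaddress

# Constructed sample data (not from the original post): the "before" layout
# described in the question and the "after" layout suggested in the reply.
BEFORE = """
customer-a.example.      IN MX  mail.customer-a.example.
mail.customer-a.example. IN A   10.1.1.1
customer-b.example.      IN MX  10 mail.customer-b.example.
mail.customer-b.example. IN A   10.1.1.1
1.1.1.10.in-addr.arpa.   IN PTR mail.customer-a.example.
1.1.1.10.in-addr.arpa.   IN PTR mail.customer-b.example.
"""
AFTER = """
customer-a.example.      IN MX  10 smtp.provider.example.
customer-b.example.      IN MX  10 smtp.provider.example.
smtp.provider.example.   IN A   10.1.1.1
1.1.1.10.in-addr.arpa.   IN PTR smtp.provider.example.
"""

def parse(zone_text):
    """Return (owner, type, rdata_fields) for each 'owner IN TYPE rdata' line."""
    records = []
    for line in zone_text.splitlines():
        fields = line.split(";")[0].split()  # drop trailing comments
        if len(fields) >= 4 and fields[1].upper() == "IN":
            records.append((fields[0].lower(), fields[2].upper(), fields[3:]))
    return records

def audit(zone_text, mail_ip):
    """List findings that tie customer names to the shared mail server IP."""
    records = parse(zone_text)
    reverse_name = ipaddress.ip_address(mail_ip).reverse_pointer + "."
    a_names = {o for o, t, r in records if t == "A" and r[0] == mail_ip}
    findings = []
    for owner, rtype, rdata in records:
        if rtype != "MX":
            continue
        if not rdata[0].isdigit():
            findings.append(f"{owner} MX has no preference value")
        target = rdata[-1].lower()
        if target in a_names and target.endswith("." + owner):
            findings.append(f"{target} is a customer-named host on {mail_ip}")
    ptrs = sorted(r[0].lower() for o, t, r in records
                  if t == "PTR" and o == reverse_name)
    if len(ptrs) > 1:
        findings.append(f"{reverse_name} returns {len(ptrs)} PTR names")
    return findings
```

`audit(BEFORE, "10.1.1.1")` reports four findings, while `audit(AFTER, "10.1.1.1")` reports none.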