Reverse lookup mx records and cnames

David Botham DBotham at OptimusSolutions.com
Tue May 10 15:26:57 UTC 2005


bind-users-bounce at isc.org wrote on 05/10/2005 04:28:25 AM:
> Hello.
> I'm not sure what to do.
> 
> I have lots of servers which have a record such as
>  mail.customerdomain IN A 10.1.1.1
> The MX record for each domain is something like
>  customerdomain IN MX mail.customerdomain

The above RR should have a preference after the MX:

customerdomain IN MX 10 mail.customerdomain


> 
> This works fine, but you can get a listing of all customers by doing a
> reverse lookup on 10.1.1.1, which is our mail server. This isn't good.
> 
> I've thought of two ways to fix this:
>  1. Use a CNAME for the MX record to point to our mail server.
>    This isn't allowed or recommended.
>  2. Hack the reverse zone to only return our mail server name.
>    This is a hack.
> 
> Can anyone offer me any advice?

Yes, in each zone file for your customers make the MX RR look like this:



customerdomain.com.     IN  MX 10 smtp.providerdomain.com.



In the zone file for providerdomain.com (your domain), have the following 
entry:

smtp.providerdomain.com. A 10.1.1.1


In the 1.1.10.in-addr.arpa zone put the following RR:


1       PTR     smtp.providerdomain.com.


The only one to see MX RRs is the remote mail server.  There is no vanity 
/ name brand recognition value in having an MX RR with your domain name in 
it.


hth,


Dave...
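
An added example, not part of the original message: a small audit of zone data for the layout recommended above. It flags MX records without a preference or pointing outside the provider's domain, customer-named A records on the shared mail IP, and PTR records that expose a customer name. The customer-a.example and customer-b.example names, the record list, and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample data: (owner, type, rdata), all names fully qualified.
# customer-a.example and customer-b.example are hypothetical customers.
RECORDS = [
    ("customer-a.example.", "MX", "mail.customer-a.example."),      # no preference
    ("mail.customer-a.example.", "A", "10.1.1.1"),
    ("customer-b.example.", "MX", "10 smtp.providerdomain.com."),   # recommended form
    ("smtp.providerdomain.com.", "A", "10.1.1.1"),
    ("1.1.1.10.in-addr.arpa.", "PTR", "smtp.providerdomain.com."),
    ("1.1.1.10.in-addr.arpa.", "PTR", "mail.customer-a.example."),  # exposes a customer
]

def in_domain(name, domain):
    """True if name equals domain or is a subdomain of it (case-insensitive)."""
    name, domain = name.lower().rstrip("."), domain.lower().rstrip(".")
    return name == domain or name.endswith("." + domain)

def audit(records, provider_domain, mail_ip):
    """Return sorted (issue, owner, rdata) findings for the shared mail host."""
    reverse_name = ipaddress.ip_address(mail_ip).reverse_pointer + "."
    findings = []
    for owner, rtype, rdata in records:
        if rtype == "MX":
            fields = rdata.split()
            # An MX rdata is "<preference> <exchange>"; the preference is required.
            if len(fields) != 2 or not fields[0].isdigit():
                findings.append(("mx-missing-preference", owner, rdata))
            if fields and not in_domain(fields[-1], provider_domain):
                findings.append(("mx-target-outside-provider", owner, rdata))
        elif rtype == "A" and rdata == mail_ip:
            # A customer-named host on the shared IP invites a matching PTR.
            if not in_domain(owner, provider_domain):
                findings.append(("customer-name-on-mail-ip", owner, rdata))
        elif rtype == "PTR" and owner.lower() == reverse_name:
            if not in_domain(rdata, provider_domain):
                findings.append(("ptr-exposes-customer", owner, rdata))
    return sorted(findings)

if __name__ == "__main__":
    for finding in audit(RECORDS, "providerdomain.com.", "10.1.1.1"):
        print(*finding, sep="\t")
```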




