out of place mx records.

Matus UHLAR - fantomas uhlar at fantomas.sk
Fri Nov 12 13:56:57 UTC 2010

On 29.10.10 12:49, Mark Andrews wrote:
> And they can do a SMTP level rejection rather than waiting for the
> sending server to abandon sending the email due to multiple timeouts.
> Just return 550 for all mail directed to users at those hosts.   It
> would be nice if we could standardise a MX target of "." as saying
> that this domain doesn't accept email e.g. "MX 0 ." the same way
> as "SRV 0 0 0 ." means that there is no service for the named
> protocol.  That way the sending MTA or the MSA can reject the email.
> Every time it get suggested people shoot it down worrying about
> private nets that have addresses at "." or get worried about thousands
> of machines making A/AAAA queries for "." where the MTA doesn't
> check that the MX target is a valid host name.

the same would apply for any other hostname not recognized by mailservers.
Even localhost, if some servers do not contain zone for it.

Technically the best solution would be dropping fallback for A address,
however it's apparently unapplicable (or would take years).


I was told that "." is not a valid hostname and that it causes DNSSEC
problems, at least with debian's named (9.6 ESV now, 9.5.1 before)
... can you confirm this?
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Support bacteria - they're the only culture some people have. 

More information about the bind-users mailing list