|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: "Correctness" of A, MX and PTR Records
From: Ean Kingston (ean_kingston
kanetix.com)
Date: Mon Dec 13 2004 - 09:38:18 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> -----Original Message-----
> From: L. Mark Stone [mailto:lmstonernome.com]
> Sent: Monday, December 13, 2004 9:55 AM
> To: Postfix users
> Subject: "Correctness" of A, MX and PTR Records
>
> To help settle an internal debate, I am keen to get views on the
> "correctness"
> of A, MX and PTR records for successful mail exchange.
>
> We use postfix to provide gateway email services to some of our
clients,
> along
> with spam cleaning. A prospective client is using a competitor for
network
> maintenance, and they are not happy with their service levels. We were
> asked
> to do a network audit, and we found a number of issues (not just
mail),
> like
> servers that haven't been patched in years, no virus updates for
months,
> etc.
> (don't get me started...). But as far as their mail setup is
concerned,
> none
> of us can say conclusively that their current setup isn't quite right,
> although it isn't how we would have set it up. To convince the
prospect
> to
> move their anti-spam service, as well as their network maintenance to
us,
> we
> are trying to document why their current mail setup may be incorrect,
and
> we
> would be grateful for anyone's views on this, please.
>
> This prospective client is a company whose domain is, say,
"company.com".
> In
> public DNS space, their primary MX record points to
"mail.company.com".
> The A
> record underlying that MX record points to the mail server for a spam
> cleaning service (again, not us). The associated PTR record points to
the
> original mail server provided to company.com by their ISP. The
secondary
> MX
> record points to the ISP's mail server, and the associated A and PTR
> records
> match up.
>
> As far as incoming mail is concerned, the spam cleaning service
processes
> the
> mail for the domain and then is configured to forward it to the
company's
> Exchange server that has a fixed public IP address, but no DNS records
in
> public DNS space.
>
> As far as outgoing mail is concerned, it is all sent through the ISP's
> SMTP
> server.
>
> Can anyone say conclusively that:
>
> 1. This set up is not RFC compliant, or,
Sorry, I don't have time to reread the RFCs but I belive the MX, A, and
PTR records must all be the same name/address from one of the RFCs.
>
> 2. Users in this domain will have trouble sending/receiving email to
some
> domains (and why).
Do they have SPF records?
>
> Thank you!
>
> --
> _______________________________________________________________
> A Message From... L. Mark Stone
>
> Reliable Networks of Maine, LLC
>
> "We manage your network so you can manage your business."
>
> 477 Congress Street
> Portland, ME 04101
> Tel: (207) 772-5678
> Web: http://www.RNoME.com
>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]