DNS question, null MX records
Tony Finch
dot at dotat.at
Fri Dec 18 11:46:39 UTC 2009
On Thu, 17 Dec 2009, James Hess wrote:
> Other tricks may be more obscure, will be less obvious that you don't
> want mail, and may look like a mistake -- you might even get visitors to
> your domain contacting you to report the broken MX record.
I think that's true with the suggestions in the rest of your post.
> An alternative to resolving MX to an invalid IP might be to cut to the
> chase and just make further DNS lookups impossible altogether...
> Or for that matter delegate the subdomain to 255.255.255.255.
> The recursive resolvers already have to immediately reject DNS
> delegation to broadcast addresses and the like.
That'll result in a SERVFAIL DNS reply which the MTA will treat as
a temporary failure. Remember the aim is to get MTAs to give up on
undeliverable mail immediately.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.
More information about the NANOG
mailing list