DNS question, null MX records

Tony Finch dot at dotat.at
Fri Dec 18 11:46:39 UTC 2009


On Thu, 17 Dec 2009, James Hess wrote:

> Other tricks may be more obscure, will be less obvious that you don't
> want mail, and may look like a mistake -- you might even get visitors to
> your domain contacting you to report the broken MX record.

I think that's true with the suggestions in the rest of your post.

> An alternative to resolving MX to an invalid IP might be to cut to the
> chase and just  make further  DNS lookups impossible altogether...
> Or  for that matter  delegate the subdomain to  255.255.255.255.
> The recursive resolvers  already have to immediately reject DNS
> delegation to broadcast addresses and the like.

That'll result in a SERVFAIL DNS reply which the MTA will treat as
a temporary failure. Remember the aim is to get MTAs to give up on
undeliverable mail immediately.

Tony.
-- 
f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/
GERMAN BIGHT HUMBER: SOUTHWEST 5 TO 7. MODERATE OR ROUGH. SQUALLY SHOWERS.
MODERATE OR GOOD.




More information about the NANOG mailing list