I put the “Null MX” Record (RFC 7505) into one of my domains yesterday, then those online mail diagnostic tools out there start getting me worried:
It looks like most of those tools do not recognize the Null MX as a special case; they just complain that they cannot find the mail server at “.”
[Sarcasm: as if the root servers are going to provide mail service to a mere mortal like me!]
Among a few shining exceptions (in a good way) is the good ol’ https://bgp.he.net/ which does not show that domain as having any MX record.
[maybe it is also wrong, in the other direction?]
I fear that the MTAs are going to behave that same way, treating my Null MX as a “misconfigured mail server name” and that my record will mean unnecessary extra queries to the root servers. [well, minus cache hit]
So, here comes the questions:
Is there anyone actively using this Null MX? If so, may I please see that actual record line (in BIND zone file format) just to satisfy myself that I wrote mine correctly?
Which one makes more sense from the practical point-of-view: having a Null MX Record for the no-mail domain, or having no MX record at all?
MTAs don’t care what online analysis tools tell you and setting a null MX for a domain that you don’t receive mail for will work just fine, for the reasons explained in the rfc
Having no MX means the smtp connection will fall back to the A record for your domain if one exists
Thats cute, but remember that there are gazylion of legacy systems
on Internet as well. They might have no clue what do do with it..
Also remember that MTA is supposed to accept email to [ip] too.
On my opinion, its best to just have no MX record at all.
While MTA can fallback and try to do delivery by IN A record, I think
its not that big problem. You need to specify for what domains you
accept email anyway. And spammers will not care at all...
OK. In your experience, which legacy system is going to misinterpret this record?
The current RFC is from 2014-15 but the original idea from Mark Delany (then at Yahoo now at Apple) has been kicking around from 2006 or so. I remember contributing some text to the original draft RFC but can’t find any trace of it online right now.
It worked just fine even back then, I assure you. So if there is any legacy MTA that still doesn’t accept it, it probably relies on UUCP domain maps or similar.
Well, I bet my legacy system will bounce it for example...
What specifically is the bounce?
I thought the purpose of the Null MX was to do two things:
1) Provide as an MX that can't be connected to.
2) Serve as a signal to things that know how to interpret it that no mail is to be expected.
I would expect that some server, if not the MSA, /would/ generate a bounce /because/ the email to the domain is undeliverables.
I cant speak about Sendmail, qmail, Exim.. when they started supporting it.
My Sendmail boxes have been dealing with the Null MX just fine. The aforementioned bounce is /expected/ to tell the sender that the destination address is bad.
So, In my opinion changing already working standards in a way
that they arent full compat with old systems is imo bad aproach.
IMHO there is little, if any, effective difference between the Null MX and an MX pointing to an unresolvable name or an non-routed IP. They cause a hard / fast failure in an early upstream MTA thus induce a bounce.
Depending on the MSA, the delivery problem may even be presented to the user as they are submitting the message to the MSA.
Hmm right... Somehow I tought that having that special Null MX
will silently discard message... I dont know why...
So, RFC 7505 is pretty much even pointless in my opinion.
You have to do more.. to pretty much achieve the same..
Its just easier to not having MX on subdomains that does not serve
as email destinations.. Less records in DNS..
Hmm right... Somehow I tought that having that special Null MX
will silently discard message... I dont know why...
So, RFC 7505 is pretty much even pointless in my opinion.
You have to do more.. to pretty much achieve the same..
Its just easier to not having MX on subdomains that does not serve
as email destinations.. Less records in DNS..
It should mean that there is no attempt to deliver email, even if the
domain has an A or AAAA record.
I think just about everything has been said beyond contacting the operators of the
online testing tools and requesting that they update their tool or to take it down.
A broken tool is worse that no tool. The is too much out-of-date stuff on the
Internet. We should all be doing our little bits to correct it or remove it.
1. Is there anyone actively using this Null MX? If so, may I please see
that actual record line (in BIND zone file format) just to satisfy myself
that I wrote mine correctly?
2. Which one makes more sense from the practical point-of-view: having a
Null MX Record for the no-mail domain, or having no MX record at all?
Null MX of course. See section 4 of RFC 7505.
Large mail systems like gmail and recent versions of mail servers like Postfix
all recognize a null MX. I suppose there are some dusty old mail systems
that do something odd with it and throw an error message but so what? You
don't want them to send you mail in the first place.
In article <Pine.LNX.4.64.2102262007230.25288@cube> you write:
Hmm right... Somehow I tought that having that special Null MX
will silently discard message... I dont know why...
So, RFC 7505 is pretty much even pointless in my opinion.
You have to do more.. to pretty much achieve the same..
Its just easier to not having MX on subdomains that does not serve
as email destinations.. Less records in DNS..
Please reread RFC 7505 section 4.
I presume you are aware that SMTP falls back to A records only if there
is no MX record. If there is any MX record, null or otherwise, mail
clients don't look for an A or AAAA.
Hmm right... Somehow I tought that having that special Null MX will silently discard message... I dont know why...
It's Friday. I'm presuming that many of us have had a long week and are ready for the weekend.
So, RFC 7505 is pretty much even pointless in my opinion.
No, it's not pointless. See Alan's reply to my previous message for why a Null MX helps as a sender / MSA operator.
See point #2 in my previous message for why you care about Null MX as a receiver.
You have to do more.. to pretty much achieve the same.
But it's not the same.
You cause hard failures fast. It means that sending servers should never contact the A / AAAA addresses, much less every time the sending system retries to send. So you do save yourself some CPU cycles as a recipient.
Its just easier to not having MX on subdomains that does not serve as email destinations.. Less records in DNS.
Easier has seldom been better.
If you publish a Null MX for said subdomain(s), my server will give up immediately. If you don't publish a Null MX, my server will pester your A / AAAA IPs every four hours for days at a time.
