Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

CNAME for Azure application causes email problems with MX and A records ignored

Tags:

email

dns

azure

cname

mx-record

We have an application running on Microsoft Azure and have set up a CNAME record to cover the domain so we can have the nice URL of http://example.com (note I am replacing our real domain with example.com throughout this).

CNAME
mydomain.com -> mydomainapp.cloudapp.net

We have MX and A records setup correctly so MX contains mailserver.example.com and an A record that points mailserver to the correct IP address.

MX
mailserver.example.com

A
mailserver -> 198.168.111.111 (note this IP is fictitious)

All fine, for most email BUT for some mailservers (not sure what technology yet) they are now using the CNAME instead of the MX and A records.

So an email addressed to [email protected] is actually sent to [email protected] where example.cloudapp.net is the domain on Azure that we have mapped with the CNAME.

EMAIL TO: [email protected]
BECOMES: [email protected]

The only suggestions I can find simply say DO NOT have domain level CNAME or do not use CNAME at all, but of course Azure IP addresses can change so we have to use CNAME. We could prefix everything www.example.com but surely there must be a better solution.

Any ideas much appreciated.

like image 379
Jezbers Avatar asked Apr 08 '13 18:04

Jezbers

1 Answers

It is not possible to use a CNAME record on the domain-level, as CNAMEs is an alias for all RR types so it will always cause redirection for MX, SOA, NS, etc. lookups as well.

The following excerpt from RFC1912 section 2.4 says it very clearly:

A CNAME record is not allowed to coexist with any other data. In
other words, if suzy.podunk.xx is an alias for sue.podunk.xx, you
can't also have an MX record for suzy.podunk.edu, or an A record, or
even a TXT record. Especially do not try to combine CNAMEs and NS
records like this!:

       podunk.xx.      IN      NS      ns1
                       IN      NS      ns2
                       IN      CNAME   mary
       mary            IN      A       1.2.3.4

This is often attempted by inexperienced administrators as an obvious way to allow your domain name to also be a host. However, DNS servers like BIND will see the CNAME and refuse to add any other resources for that name. Since no other records are allowed to coexist with a CNAME, the NS entries are ignored. Therefore all the hosts in the podunk.xx domain are ignored as well!

So you must not use a CNAME-record for mydomain.com!

So you must set an A-record for mydomain.com (among MX:s and other records as needed), because that is the only working solution DNS-wise.

like image 82
krisku Avatar answered Sep 30 '22 09:09

krisku
Sign in to Comment

Related questions

Use DefaultNetworkCredential under TLS encryption?
Postfix - Recipient address rejected: User unknown in local recipient table
How to configure spring-boot to send email via sendGrid?
In Python how to convert an `email.message.Message` object into an `email.message.EmailMessage` object
"Quoted-printable line longer than 76 chars" warning when sending HTML E-Mail
Processing incoming email
Send thousands of emails at a time, pitfalls/best way?
Emailing A Dynamically Created PDF Through PHP
Launching my app using the intent URI
Use Table tag in Android Email
how to avoid my sent email not be classified as spam? [closed]
Sending email using smtp and setting the message-id
How can I attach multiple files to an ActionMailer mail object? (Without it attaching several unwanted text files as well.)
Directing email for a domain to AppEngine email receiving service?
Whats is this format called? "/o=First Organization/ou=First Administrative Group/cn=Recipients/cn=user"
Generating multiple encoded HTML/Text emails T-SQL
How to embed an image in the HTML body of an email in iOS
Is there an error in PHP's imap_fetch_overview()-function when reading headers with brackets?
Email server on EC2 with an elastic load balancer
mail function is not working in localhost server

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!