No CNAME on a domain record, only on subdomains
We were having some mail problems. This is not always the case, but we have now found the culprit. The problem was that our domain record *had* a CNAME record referring to the A record of the webserver. Some mail servers will use the CNAME record instead of the MX record when the SMTP server needs to be resolved.
mywebserver.mydomain.com A 127.0.0.1
mydomain.com CNAME mywebserver.mydomain.com
www.mydomain.com CNAME mywebserver.mydomain.com
This will result in lots of mail servers not being able to deliver the mail. So today’s (DNS) lessons learned are:
- Do not set a CNAME record on your domain
- Do not use a CNAME record for a catch-all (*.mydomain.com), as this too suffers from the same problems.
You can still use CNAME records for your ‘service’ subdomains that refer to actual hosts (A and AAAA records). This is still the most efficient way to handle the IP addresses of your actual machines, especially when you also support IPv6.
The most frustrating thing here is that the behavior differs between platforms and applications, so it took a while before this was discovered.
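The lessons above can be checked mechanically before a zone change goes live. The following is an added example, not code from the original post: it lints records in the post's simplified "name TYPE value" layout and flags a CNAME on the domain itself or on a catch-all. It goes one step beyond the post by also flagging a CNAME that shares its name with other record types (such as the MX), which RFC 1034 disallows. The function names, the MX line, the wildcard line and `mail.mydomain.com` are assumptions made for the example.

```python
# Added example: lint a zone for the CNAME placements the post warns about.
# Record format is the simplified "name TYPE value" layout used in the post.
from collections import defaultdict

def parse_records(zone_text):
    """Return {owner_name: [(rtype, value), ...]} from 'name TYPE value' lines."""
    records = defaultdict(list)
    for line in zone_text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop zone-file comments
        if not line:
            continue
        name, rtype, value = line.split(None, 2)
        records[name.lower().rstrip(".")].append((rtype.upper(), value.strip()))
    return records

def lint_cnames(zone_text, origin):
    """Return sorted (name, problem) findings for risky CNAME placements."""
    origin = origin.lower().rstrip(".")
    findings = set()
    for name, rrs in parse_records(zone_text).items():
        types = {rtype for rtype, _ in rrs}
        if "CNAME" not in types:
            continue                            # only CNAME owners are of interest
        if name == origin:
            findings.add((name, "CNAME on the domain itself"))
        if name.startswith("*."):
            findings.add((name, "CNAME on a catch-all"))
        others = types - {"CNAME"}
        if others:                              # e.g. the MX that mail needs
            findings.add((name, "CNAME next to " + ",".join(sorted(others))))
    return sorted(findings)

# Constructed sample: the post's three records plus an assumed MX and wildcard.
SAMPLE_ZONE = """
mywebserver.mydomain.com A 127.0.0.1
mydomain.com CNAME mywebserver.mydomain.com
mydomain.com MX 10 mail.mydomain.com   ; hypothetical mail host
*.mydomain.com CNAME mywebserver.mydomain.com
www.mydomain.com CNAME mywebserver.mydomain.com
"""

if __name__ == "__main__":
    for name, problem in lint_cnames(SAMPLE_ZONE, "mydomain.com"):
        print(f"{name}: {problem}")
```

The `www` record produces no finding, which matches the post's point that CNAMEs on service subdomains remain fine.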