Difference between revisions of "Unresolvable Domain"

From Roaring Penguin
Jump to: navigation, search
(Why do we reject unresolvable domains?)
Line 9: Line 9:
 
If there is a delivery problem, the Internet standards require that a failure
 
If there is a delivery problem, the Internet standards require that a failure
 
notification be sent to the envelope sender (in this example, <code>xyz@pqrst.example.com</code>).  If that domain does not exist, then obviously no failure notification can be sent.
 
notification be sent to the envelope sender (in this example, <code>xyz@pqrst.example.com</code>).  If that domain does not exist, then obviously no failure notification can be sent.
 +
 +
The Internet standards are clear.  [https://tools.ietf.org/html/rfc5321 RFC 5321] explicitly says:
 +
 +
<blockquote>
 +
Only resolvable, fully-qualified domain names (FQDNs) are permitted
 +
when domain names are used in SMTP.  In other words, names that can
 +
be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed
 +
in Section 5) are permitted, as are CNAME RRs whose targets can be
 +
resolved, in turn, to MX or address RRs.
 +
</blockquote>
  
 
== How can I make this work? ==
 
== How can I make this work? ==

Revision as of 17:03, 11 January 2017

On Hosted CanIt, you may see logs similar to this:

5.1.8 <user@example.com>... Domain of sender address xyz@pqrst.example.com does not exist

Hosted CanIt always rejects messages where the domain of the envelope sender (in the example above, pqrst.example.com lacks an A or an MX record. This policy is absolutely firm.

Why do we reject unresolvable domains?

If there is a delivery problem, the Internet standards require that a failure notification be sent to the envelope sender (in this example, xyz@pqrst.example.com). If that domain does not exist, then obviously no failure notification can be sent.

The Internet standards are clear. RFC 5321 explicitly says:

Only resolvable, fully-qualified domain names (FQDNs) are permitted when domain names are used in SMTP. In other words, names that can be resolved to MX RRs or address (i.e., A or AAAA) RRs (as discussed in Section 5) are permitted, as are CNAME RRs whose targets can be resolved, in turn, to MX or address RRs.

How can I make this work?

Only the sender of the email can fix the problem. There are two options available:

  1. Make sure the domain of the envelope sender address is resolvable. That is, whatever comes after the @ sign in the sender address must have an A record, an MX record, or both.
  2. Use the null return path <> as the envelope sender. This is useful for situations in which you don't care to receive failure notifications.

Can Roaring Penguin please make an exception?

No, sorry. It is an error to send mail from unresolvable domains and the onus is on the sender to fix the problem.

I run my own CanIt server. How can I allow unresolvable domains?

Please don't. Allowing unresolvable domains simply encourages bad Internet hygiene and substandard programming practices.

That said, if you want to ignore best current practices and allow such domains, see this Wiki page.