Problem description:
I'm managing a corporate Email server for nlscan.com serving xxx@nlscan.com. However, for historical reason, we still support xxx@mail.nlscan.com. That is, foo@nlscan.com and foo@mail.nlscan.com refer to exactly the same mailbox and mail account. We recently find that some alien domain like @corp.url.com.tw fails to send email to us; our SMTP log shows that @corp.url.com.tw's SMTP server issues SMTP command
RCPT TO:<xxx@nlsgate.nlscan.com>
We do not recognize nlsgate.nlscan.com as recipient address, so it fails. We just allow 'RCPT TO: <xxx@mail.nlscan.com>' .
Where does that @nlsgate.nlscan.com come from? I fact, on our DNS, mail.nlscan.com is defined to be a CNAME of nlsgate.nlscan.com .
If sending from Gmail or Hotmail, we see the correct
RCPT TO:<xxx@mail.nlscan.com>
So, I'd like to ask, is the behavior of corp.url.com.tw's SMTP server RFC compliant? If it is compliant, we have to make mail.nlscan.com a A record instead of a CNAME record, right? And please tell me which RFC is it?
Best Answer
I don't know that it's causing the underlying problem, but to answer your specific question, no, an MX record must not be a CNAME. According to RFC2181 s10.3,
In practice, it often works, but if you're experiencing issues then the very first thing is to get yourself RFC-compliant, then investigate issues that continue past that.