[RFCI-Discuss] about FQDN for our smtp servers

Alex van den Bogaerdt alex at ergens.op.het.net
Mon Apr 10 23:44:30 EDT 2006


On Tue, Apr 11, 2006 at 10:59:23AM +0800, Jeff Pang wrote:

> I don't clearly know what FQDN is. Does it mean our SMTP server's A record? Or PTR record?


It is the full name.  Example:  mail1.somename.example.com.
Bad example: mail1
Bad example: mail1.somename
Only the FULL name is allowed.


The rest is slightly simplified.  If I am way off base here I'm
sure someone will correct me:


When everything is set up as it should be, the name can be found in DNS.
The node has an A record attached. This A record contains the IP address.

The IP address can be found in DNS as well, in reverse order, as a subdomain
of domain 'in-addr.arpa.'.  This node has a PTR record attached.  The PTR
record contains a name. When you look up this name, you have to end up at
the same IP address again.

> For example, the IP '220.181.12.14' is one of our SMTP servers, whose A record is:
> 
>  smtp.163.split.netease.com

When I look this up I see five IP addresses, none of them being
what you report.

I'm going to guess here that it actually is more than one box, either
for real or virtual.

That's OK, but it is not a single host.  Each host needs a distinct
name.  This distinct name must be used in HELO/EHLO.

Example:
smtp.163.split.netease.com points to 5 different servers.

smtp.163.split.netease.com A 202.108.5.81
                           A 202.108.5.82
                           A 202.108.5.83
                           A 202.108.5.84
                           A 202.108.5.85

Each host has its own PTR record:

81.5.108.202.in-addr.arpa PTR example1.smtp.163.split.netease.com.
82.5.108.202.in-addr.arpa PTR example2.smtp.163.split.netease.com.
83.5.108.202.in-addr.arpa PTR example3.smtp.163.split.netease.com.
84.5.108.202.in-addr.arpa PTR example4.smtp.163.split.netease.com.
85.5.108.202.in-addr.arpa PTR example5.smtp.163.split.netease.com.

These names each have one IP address associated:

example1.smtp.163.split.netease.com A 202.108.5.81
example2.smtp.163.split.netease.com A 202.108.5.82
example3.smtp.163.split.netease.com A 202.108.5.83
example4.smtp.163.split.netease.com A 202.108.5.84
example5.smtp.163.split.netease.com A 202.108.5.85

Note that PTR and A records match:

202.108.5.81 resolves to example1.smtp.163.split.netease.com.
example1.smtp.163.split.netease.com resolves to 202.108.5.81

One of the five A records attached to node smtp.163.split.netease.com
also points to IP address 202.108.5.81 but I don't think you need
a PTR record pointing back to this name.  I know some disagree.

> When this MTA connects to another site's MTA, it issues the HELO command as:
> 
>   HELO smtp.163.com

The purpose of the HELO command is that the other side knows who is
talking to it.  If your five boxes all use the same name, the other
end cannot file a problem report for a specific server.  If you get
a problem report for "smtp.163.com" you need to do more work than when
you get a problem report for "example1.smtp.163.split.netease.com."

Only when a computer cannot have an FQDN is it allowed to use its
IP address in HELO, and then only specially formatted. You can look
this up in the RFC but you can also skip it as it does not apply
to your hosts.

Alex
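
The checks described in the message above (the PTR name must resolve back to the same IP, and the HELO name must be a full name belonging to one host), as an added example that is not part of the original message. The names and addresses are constructed, using example.com and the 192.0.2.0/24 documentation range, and lookups are served from an in-memory table instead of live DNS; `check_sender` and the finding strings are hypothetical names.

```python
import ipaddress

# Constructed records standing in for live DNS (assumption, not real data).
A_RECORDS = {
    "smtp.example.com.": ["192.0.2.81", "192.0.2.82", "192.0.2.83"],  # shared name
    "mx1.smtp.example.com.": ["192.0.2.81"],
    "mx2.smtp.example.com.": ["192.0.2.82"],
}
PTR_RECORDS = {
    "81.2.0.192.in-addr.arpa.": "mx1.smtp.example.com.",
    "82.2.0.192.in-addr.arpa.": "mx2.smtp.example.com.",
    "83.2.0.192.in-addr.arpa.": "mx3.smtp.example.com.",  # this name has no A record
}

NO_PTR = "no PTR record for the connecting IP"
PTR_MISMATCH = "PTR name does not resolve back to the connecting IP"
HELO_UNKNOWN = "HELO name not found in DNS (short name or typo?)"
HELO_MISMATCH = "HELO name does not resolve to the connecting IP"
HELO_SHARED = "HELO name is shared by several hosts"

def fqdn(name):
    """Lower-case a name and make the trailing root dot explicit."""
    name = name.strip().lower()
    return name if name.endswith(".") else name + "."

def reverse_name(ip):
    """192.0.2.81 -> 81.2.0.192.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def check_sender(ip, helo):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    ptr = PTR_RECORDS.get(reverse_name(ip))
    if ptr is None:
        findings.append(NO_PTR)
    elif ip not in A_RECORDS.get(fqdn(ptr), []):
        findings.append(PTR_MISMATCH)
    addrs = A_RECORDS.get(fqdn(helo))
    if addrs is None:
        findings.append(HELO_UNKNOWN)
    elif ip not in addrs:
        findings.append(HELO_MISMATCH)
    elif len(addrs) > 1:
        findings.append(HELO_SHARED)
    return findings

if __name__ == "__main__":
    for ip, helo in [("192.0.2.81", "mx1.smtp.example.com"),
                     ("192.0.2.81", "smtp.example.com"),
                     ("192.0.2.82", "mx2"),
                     ("192.0.2.83", "mx3.smtp.example.com")]:
        print(ip, helo, check_sender(ip, helo) or "ok")
```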

