3

This has been going on for two days now and it's really bugging me.

I've owned a domain name for a few years now. Let's call it example.com. I've had Google Apps free edition set up there for a few years and all is good. example.com has an A record pointing at a VPS that I own and MX records pointing at Google. I also have all email from example.com forwarded to my personal gmail account.

Just recently I registered a domain name for my friend's business that he is starting and set him up with Google Apps free edition. Let's called it example.net. This domain has MX records pointing at Google and a CNAME pointing at example.com -- I am using virtual hosts on my VPS to determine which page to serve -- basic stuff.

Here's the problem. All email sent to example.net ends up at example.com. Would the CNAME cause this? And why would it? I didn't think that CNAME records affect email. There are no filters set up for any email at example.net.

In the email headers I see To: friend@example.net. Moving up the header I see this out of nowhere:

X-Forwarded-To: personal@gmail.com
X-Forwarded-For: me@example.com personal@gmail.com

The only explanation I can think of is the CNAME record pointing from example.net to example.com. Can anybody verify this for me or possibly name another reason for this to happen?

knpwrs
  • 357
  • 1
  • 5
  • 14
  • If only there were a domain name specifically reserved for examples... [Oh, wait.](http://www.iana.org/go/rfc2606) – Joel Coel Dec 08 '11 at 23:08
  • As for X-Forwarded, probably it's normal because it google forwards it from _your_ apps to your private gmail. Guess you see it in all messages to example.com. – Sandman4 Dec 09 '11 at 01:01

1 Answers1

4

Yes, a CNAME record on domain2.com takes precedence over any other record on domain2.com.

According to the RFC, no other type of resource record (be it A, MX, or otherwise, except for DNSSEC supporting types SIG, NXT, and KEY) can exist on the same name as a CNAME; a BIND name server won't even load a zone with that kind of conflict present.

Shane Madden
  • 114,520
  • 13
  • 181
  • 251
  • Well then, I learned something today. I'll just have to update the DNS records (and accept your answer in 9 minutes when ServerFault lets me). – knpwrs Dec 08 '11 at 23:10
  • @KPthunder Can we edit "incorrectly" to "correctly" in your question now? :-) – ceejayoz Dec 08 '11 at 23:15
  • @ceejayoz I changed it to "unexpectedly." Is that good enough? :P – knpwrs Dec 08 '11 at 23:18
  • It does not actually explain why emails end-up in example.com mailbox - ok, CNAME causes that MX from example.com used, those MX point to the very same google apps as MX in example.net. now sendmail goes to those servers and sends mail to:example.NET. How came it end-up in example.com mailbox ? – Sandman4 Dec 08 '11 at 23:44
  • @KPThunder change it back to "incorrectly" ? ;) – Sandman4 Dec 08 '11 at 23:46
  • @Sandman4 Hah, good point! – Shane Madden Dec 09 '11 at 00:50
  • @KPthunder Hehe. Thanks for being a good sport. :-) – ceejayoz Dec 09 '11 at 01:37
  • 1
    @Sandman4 I removed the CNAME and changed it to an A record of the same IP address of my VPS and now everything works unlike the last two days. – knpwrs Dec 09 '11 at 03:41
  • @ceejayoz No problem, brah. – knpwrs Dec 09 '11 at 03:41
  • I demand someone to explain WHY ! :) – Sandman4 Dec 09 '11 at 09:05
  • 1
    @sandman4: it happens because when a CNAME is encountered the sending SMTP server is at liberty to rewrite the recipient address to the target of the CNAME (i.e. example.net CNAME example.com; user@example.net is rewriteable to user@example.com.) Then example.com happily accepts the mail. But you should never use CNAME at the top-level of a zone anyway: It's not valid (as highlighted above). Use the same IP address if you were doing it for a web server, etc., and manage any future changes. – jrg Mar 22 '13 at 14:39