From time to time I observe the following email setups, from web hosting providers mostly:

    $ host -t mx example.com
    example.com mail is handled by 5 mail.example.com.
    $ host mail.example.com
    mail.example.com is an alias for www.example.com.
    www.example.com has address 192.0.2.2

In other words, this is a single server that provides both web and mail services. The devil is in the details, though: mail.example.com is an alias for www.example.com. This is a mistake because when a name is declared as a CNAME, it cannot have other resource records bound to it. I copy from DNS for Rocket Scientists:
CNAME RRs cannot have any other RRs with the same name, for example, a TXT – well that was true until DNSSEC came along and in this case RRSIG, NSEC and certain KEY RRs can now occupy the same name.
So the above setup is wrong. The correct setup would be the following:

    $ host -t mx example.com
    example.com mail is handled by 5 mail.example.com.
    $ host mail.example.com
    mail.example.com has address 192.0.2.2
    $ host www.example.com
    www.example.com is an alias for mail.example.com.
    mail.example.com has address 192.0.2.2

That is, if you want to use a CNAME at all. Personally I am using A RRs instead of CNAMEs whenever possible. But why can a CNAME not carry any other information? I copy from RFC 1034 (section 3.6.2):
A CNAME RR identifies its owner name as an alias, and specifies the corresponding canonical name in the RDATA section of the RR. If a CNAME RR is present at a node, no other data should be present; this ensures that the data for a canonical name and its aliases cannot be different. This rule also insures that a cached CNAME can be used without checking with an authoritative server for other RR types.
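The two rules at play can be checked mechanically before a zone is published. The following is an added example, not code from the original post: a small linter that flags any name holding a CNAME together with other data (allowing the DNSSEC types named in the quote above) and any MX whose target is an alias, which RFC 2181 (section 10.3) forbids. The zone snippets are constructed from the `host` output shown earlier, and the simplified `owner TYPE rdata` line format, the `CONFLICT` sample and the function names are assumptions made for the example.

```python
# Constructed sample zones in a simplified "owner TYPE rdata" format (assumption).
BROKEN = """\
example.com.       MX    5 mail.example.com.
mail.example.com.  CNAME www.example.com.
www.example.com.   A     192.0.2.2
"""
FIXED = """\
example.com.       MX    5 mail.example.com.
mail.example.com.  A     192.0.2.2
www.example.com.   CNAME mail.example.com.
"""
# Same as BROKEN, plus a TXT record placed on the alias name.
CONFLICT = BROKEN + 'mail.example.com.  TXT   "v=spf1 a -all"\n'

# Types the DNSSEC exception allows beside a CNAME, per the quote above.
DNSSEC_OK = {"RRSIG", "NSEC", "KEY"}


def parse(zone_text):
    """Return {owner: [(type, rdata), ...]}, skipping blank and ';' lines."""
    records = {}
    for line in zone_text.splitlines():
        line = line.strip()
        if not line or line.startswith(";"):
            continue
        owner, rtype, rdata = line.split(None, 2)
        records.setdefault(owner.lower(), []).append((rtype.upper(), rdata))
    return records


def lint(zone_text):
    """Return a list of findings; an empty list means both rules hold."""
    records = parse(zone_text)
    cnames = {o for o, rrs in records.items() if any(t == "CNAME" for t, _ in rrs)}
    findings = []
    # Rule 1 (RFC 1034, 3.6.2): no other data at a node that has a CNAME.
    for owner in sorted(cnames):
        extra = sorted({t for t, _ in records[owner]} - {"CNAME"} - DNSSEC_OK)
        if extra:
            findings.append(f"{owner} is a CNAME but also has {', '.join(extra)}")
    # Rule 2 (RFC 2181, 10.3): the MX exchange name must not be an alias.
    for owner, rrs in sorted(records.items()):
        for rtype, rdata in rrs:
            if rtype == "MX" and rdata.split()[1].lower() in cnames:
                findings.append(f"{owner} MX target {rdata.split()[1].lower()} is a CNAME")
    return findings


if __name__ == "__main__":
    for name, zone in (("broken", BROKEN), ("fixed", FIXED), ("conflict", CONFLICT)):
        print(name, lint(zone) or "ok")
```
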
So please people, correct your defaults. Your clients will benefit from that.