CNAMEs, MXs and AT&T
Telarin
This is a totally non-spamcop related question, thus its posting in the Geek/Tech Things forum, however, this forum seems to have a pretty good collection of people with an understanding of mailservers and the SMTP process. I've recently run into some issues with my personal mailserver at home, and wanted to get a second opinion on it.

The setup for said mailserver is pretty convoluted (due to it being on a dynamic IP address and me being cheap).

The primary domain chimera-tech.com uses the tzo server to provide dynamic name resolution.

I host a secondary domain (intuitmassage.com) for a friend of mine who is a massage therapist. She has an email address at that domain. She only receives email through my server, her outgoing mail goes through her ISP so there are no problems with the lack of PTR record. The domain intuitmassage.com has a CNAME record that points it back to chimera-tech.com (because it is much cheaper than hosting a second domain on tzo). Because it is a CNAME, it has no MX, as a mailserver SHOULD pull the CNAME for intuitmassage.com, which returns chimera-tech.com, and then pull the MX for that.

In most cases, this works just fine, mail flows in just as it should.

However, I recently ran into a problem with someone sending her (my friend with the intuitmassage.com email address) an email from SBC. Instead of going through, she got the following bounce from SBC's mailserver (note the left-hand side of addresses has been munged to protect the guilty... err, I mean innocent):

QUOTE
------ Forwarded Message
From: Mail Delivery Subsystem <MAILER-DAEMON[at]ylpvm12.prodigy.net>
Date: Wed, 30 Aug 2006 12:15:22 -0400
To: <xxxx[at]worrellcreative.com>
Subject: Returned mail: see transcript for details

The original message was received at Wed, 30 Aug 2006 12:15:20 -0400
from ppp-70-255-182-127.dsl.hstntx.swbell.net [70.255.182.127]

----- The following addresses had permanent fatal errors -----
<xxxx[at]intuitmassage.com>
(reason: 550 5.7.1 Unable to relay for xxxx[at]www.chimera-tech.com)

----- Transcript of session follows -----
... while talking to mail.chimera-tech.com.:
>> DATA
<<< 550 5.7.1 Unable to relay for xxxx[at]www.chimera-tech.com
550 5.1.1 <xxxx[at]intuitmassage.com>... User unknown
<<< 554 5.5.2 No valid recipients

Reporting-MTA: dns; ylpvm12.prodigy.net
Received-From-MTA: DNS; ppp-70-255-182-127.dsl.hstntx.swbell.net
Arrival-Date: Wed, 30 Aug 2006 12:15:20 -0400

Final-Recipient: RFC822; xxxx[at]www.chimera-tech.com
Action: failed
Status: 5.7.1
Remote-MTA: DNS; mail.chimera-tech.com
Diagnostic-Code: SMTP; 550 5.7.1 Unable to relay for
xxxx[at]www.chimera-tech.com
Last-Attempt-Date: Wed, 30 Aug 2006 12:15:22 -0400

------ End of Forwarded Message


Now, from looking at this, it looks to me as if the SBC mail server is rewriting the recipient using the CNAME record, so instead of sending to xxxx[at]intuitmassage.com, SBC pulls the CNAME for intuitmassage.com which is www.chimera-tech.com and rewrites the Recipient as xxxx[at]www.chimera-tech.com, which doesn't exist.

So first, am I reading that correctly, or is there something else going on here that I am missing?

Second, if that is what is happening, is this RFC compliant? I can't find anywhere in the RFCs for SMTP that I have looked for that indicates recipient addresses should ever be rewritten with the CNAME values.
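The failure mode described in the post above, modelled as an added example that is not part of the original thread: a sending server that replaces the recipient domain with its CNAME target, and a receiving server that only accepts mail for the domains it is configured to host. The MX entry for www.chimera-tech.com (taken from the bounce's Remote-MTA line) and the LOCAL_DOMAINS list are assumptions.

```python
# Constructed lookup tables; only the CNAME is confirmed by the thread.
CNAME = {"intuitmassage.com": "www.chimera-tech.com"}
MX = {"www.chimera-tech.com": [(10, "mail.chimera-tech.com")]}  # assumed
LOCAL_DOMAINS = {"chimera-tech.com", "intuitmassage.com"}       # assumed


def canonical(domain, limit=8):
    """Follow CNAMEs to the final name, refusing loops and long chains."""
    seen = []
    while domain in CNAME:
        if domain in seen or len(seen) >= limit:
            raise ValueError("CNAME loop or chain too long at " + domain)
        seen.append(domain)
        domain = CNAME[domain]
    return domain


def route(rcpt, canonicalise):
    """Return (MX host to contact, address used in RCPT TO)."""
    local, domain = rcpt.rsplit("@", 1)
    domain = domain.lower()
    target = canonical(domain)
    # With no MX record, delivery falls back to the host's own address.
    mx_hosts = sorted(MX.get(target, [(0, target)]))
    envelope_domain = target if canonicalise else domain
    return mx_hosts[0][1], local + "@" + envelope_domain


def receiver_reply(rcpt):
    """Receiving server: accept hosted domains, refuse to relay the rest."""
    domain = rcpt.rsplit("@", 1)[1].lower()
    if domain in LOCAL_DOMAINS:
        return "250 2.1.5 Recipient OK"
    return "550 5.7.1 Unable to relay for " + rcpt


def deliver(rcpt, canonicalise):
    mx_host, envelope = route(rcpt, canonicalise)
    return mx_host, envelope, receiver_reply(envelope)


if __name__ == "__main__":
    for mode in (False, True):
        print("canonicalise =", mode, "->", deliver("xxxx@intuitmassage.com", mode))
```

Both senders reach the same MX host; only the one that rewrites the envelope recipient is refused. Adding www.chimera-tech.com to the receiver's hosted domains, or giving intuitmassage.com its own MX record instead of a CNAME, removes the dependency on how the sender treats CNAMEs.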
jrssystemsnet
You don't have any NS records for intuitmassage.com, is the problem.

QUOTE
break# dig +short @a.gtld-servers.net NS intuitmassage.com
ns0.directnic.com.
ns1.directnic.com.


The root servers list ns0 and ns1 .directnic.com as the glue servers for intuitmassage.com, but when you query them...

QUOTE

break# dig @ns0.directnic.com ANY intuitmassage.com

; <<>> DiG 9.3.2 <<>> @ns0.directnic.com ANY intuitmassage.com
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6532
;; flags: qr aa rd; QUERY: 1, ANSWER: 5, AUTHORITY: 2, ADDITIONAL: 4

;; QUESTION SECTION:
;intuitmassage.com. IN ANY

;; ANSWER SECTION:
intuitmassage.com. 86400 IN SOA ns0.directnic.com. hostmaster.ns0.directnic.com. 1144250083 28800 14400 604800 86400
intuitmassage.com. 86400 IN CNAME www.chimera-tech.com.
www.chimera-tech.com. 86400 IN A 204.251.15.175
www.chimera-tech.com. 86400 IN MX 0 iris1.directnic.com.
www.chimera-tech.com. 86400 IN MX 10 iris2.directnic.com.

;; Query time: 66 msec
;; SERVER: 204.251.10.100#53(204.251.10.100)
;; WHEN: Sat Nov 11 06:33:02 2006
;; MSG SIZE rcvd: 281


... you get absolutely no NS records for that domain at all. This is very, very broken - you should never have a domain without NS records. It's fine to CNAME the A record for the domain as you have above, but there should be NS records, and they should match the glue at the root servers.
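The check performed by hand in the post above, as an added example that is not part of the original thread: it parses the records from the quoted dig answer and reports a zone apex that returns no NS records. It goes slightly beyond the post by also flagging a CNAME that shares a name with other record types (which RFC 1034 section 3.6.2 disallows) and by showing where mail for the apex ends up. The function names are this example's own.

```python
import collections

# Answer section copied from the dig output quoted in the thread.
DIG_OUTPUT = """\
;; ANSWER SECTION:
intuitmassage.com. 86400 IN SOA ns0.directnic.com. hostmaster.ns0.directnic.com. 1144250083 28800 14400 604800 86400
intuitmassage.com. 86400 IN CNAME www.chimera-tech.com.
www.chimera-tech.com. 86400 IN A 204.251.15.175
www.chimera-tech.com. 86400 IN MX 0 iris1.directnic.com.
www.chimera-tech.com. 86400 IN MX 10 iris2.directnic.com.
"""


def parse_records(text):
    """Map owner name -> record type -> list of rdata strings."""
    records = collections.defaultdict(lambda: collections.defaultdict(list))
    for line in text.splitlines():
        fields = line.split(None, 4)
        # Skip dig comments, blank lines and anything that is not an IN record.
        if line.startswith(";") or len(fields) < 5 or fields[2] != "IN":
            continue
        owner, _ttl, _cls, rtype, rdata = fields
        records[owner.lower().rstrip(".")][rtype].append(rdata)
    return records


def lint_apex(text, apex):
    """Return a list of findings for the zone apex in a dig ANY response."""
    records = parse_records(text)
    node = records.get(apex, {})
    findings = []
    if "NS" not in node:
        findings.append("no NS records returned for " + apex)
    if "CNAME" in node:
        others = sorted(t for t in node if t != "CNAME")
        if others:
            findings.append("CNAME coexists with " + ",".join(others) + " at " + apex)
        target = node["CNAME"][0].lower().rstrip(".")
        pairs = (r.split() for r in records.get(target, {}).get("MX", []))
        mx = sorted((int(pref), host.rstrip(".")) for pref, host in pairs)
        hosts = ", ".join(h for _, h in mx) or "(none)"
        findings.append("mail follows CNAME to " + target + ": MX " + hosts)
    return findings


if __name__ == "__main__":
    for finding in lint_apex(DIG_OUTPUT, "intuitmassage.com"):
        print("WARN:", finding)
```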
Telarin
Hmm, not sure why you're getting no NS records, they should be set up with directnic. I'll fire them an email to find out why no NS records are being returned.
jrssystemsnet
QUOTE(Telarin @ Nov 13 2006, 09:59 AM) *

Hmm, not sure why you're getting no NS records, they should be set up with directnic. I'll fire them an email to find out why no NS records are being returned.

Lemme know if you need any more help figuring it out. Might want to email me at jim[AT]youcanprobablyfigurethedomainoutifyoutryreallyhard if you do, I don't monitor forums here so much and may forget they exist entirely if not reminded. =)
Wazoo
QUOTE(jrssystemsnet @ Nov 13 2006, 12:57 PM) *
I don't monitor forums here so much and may forget they exist entirely if not reminded. =)

Your posts thus far have been appreciated. Thanks for the time spent thus far ...