[BlueOnyx:05618] Re: SYSERR(root): rewrite: excessive recursion (max 50), ruleset canonify

Michael Stauber mstauber at blueonyx.it
Wed Oct 20 19:17:44 -05 2010 

Hi Frank,

> So @Michael : I wonder if the DNS given on the Solarspeed page are not 
> too complicated ??
> In our configuration, the aliases imap, pop3 and smtp are just there to 
> facilitate the setup of users's mail programs, they are not important 
> here. So if we just look at :
> 
> .ouestlekeum.com MX mail.ouestlekeum.com
> .ouestlekeum.com A 82.138.98.155
> www.ouestlekeum.com A 82.138.98.155
> mail.ouestlekeum.com A 82.138.98.155
> 
> The difference with my configuration on systea.fr is the 
> ".ouestlekeum.com A 82.138.98.155".

Frank, the DNS example listed in the Solarspeed FAQ is as simple as it gets. 
It's known to work and if you follow that example to the letter, then it 
works. 

The above example records you quoted are wrong again. It ought to be like 
this:

If the site is named "www.ouestlekeum.com" in the GUI interface of BlueOnyx, 
then give it the "email server alias" and the "web server alias" of 
"ouestlekeum.com". Next make sure it has the following DNS records:

www.ouestlekeum.com 	A 	82.138.98.155
ouestlekeum.com 		A 	82.138.98.155
ouestlekeum.com 		MX 	www.ouestlekeum.com
www.ouestlekeum.com 	MX	www.ouestlekeum.com

If you REALLY want and need a "mail.ouestlekeum.com" (which is useless IMHO), 
then add the following DNS records as well:

mail.ouestlekeum.com 	A 	82.138.98.155
mail.ouestlekeum.com 	MX 	www.ouestlekeum.com

But also add "mail.ouestlekeum.com" as "Email Server Alias" and "Web Server 
Alias" in the GUI, too.

> The domain name redirect to the IP ? Why ? For some slackers who are 
> afraid by typing "www." ? ;) 

When you enter a domain name into the address bar of your browser, then your 
browser needs to know which IP address the domain runs on. For this it 
contacts the DNS server that your computer is using and says "Hey, DNS-buddy, 
where does this domain run on?" The DNS server then polls that info out of its 
cache, or polls the chain of DNS servers above it for the info. Eventually the 
DNS root servers hand that information down and say: "DNS XYZ runs on this and 
that IP". Your browser then connects to the IP and tells the webserver there: 
"Hey there. Show me the start page of the domain XYZ!". The Webserver then 
checks if he is responsible for that domain - and if so - shows the page.

Domains can have subdomains and they can even be hosted on different IPs or 
different servers. So www.xyz.com may be hosted somehwere else than 
mail.xyz.com. Even xyz.com can be hosted entirely elsewhere than www.xyz.com. 
That's up to the person who hosts that domain.

So the "optional" www. in front of a domain name may not be that optional 
everywhere. It is the job of the person responsible for the domain to sort 
this out with having proper DNS records. Understanding how DNS works is just 
one step in that process.

> And on your suggestion bellow, why a MX *from www *to www ? I don't 
> understand this line.

Sendmail will not accept emails for domains that it doesn't have a MX record 
for. Hence: For every domain that you want to accept emails for, you have to 
have an MX record. Likewise: Other mailservers (if correctly configured) will 
not accept email from you, if your server doesn't have MX records that match 
the senders domain name.

Lastly it has to do with how the MTA (Sendmail in our case) works in a multi 
domain setup.

Say your site is named "www.xyz.com" in the GUI. And you have another site on 
the box named "customer.xyz.com".

Those are two separate sites. Say both have the email server alias "support" 
for a certain mailbox. Now if you mail to "support at xyz.com", then who gets the 
email?

Will that email go to a user on "www.xyz.com", or to a user on 
"customer.xyz.com"?

The answer to that depends on how you set up your MX records and your email 
server aliasses. 

INTERNALLY all mailboxes are in the following format:

username at FQDN

Example:

joe at www.xyz.com
jeff at customer.xyz.com

Now if an email arrives for "joe at xyz.com", Sendmail's initial response could 
as well be: "Sorry, I don't know who that mail might be for", because THAT 
recipient address doesn't match any known address it is responsible for.

Only through email server aliasses you can let Sendmail make the association 
that mails to "joe at xyz.com" ought to go into the mailbox of "joe at www.xyz.com" 
as well. 


-- 
With best regards

Michael Stauber

More information about the Blueonyx mailing list