OT? SRV records etc

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

OT? SRV records etc

John Allen
How likely is it for a DNS to have SRV records for such things as smtp.
imap ...
I know that a dumb ? but I am try to guesstimate how big an dewy eyed
optomist I am being in hoping that they are common practise.

Reply | Threaded
Open this post in threaded view
|

Re: OT? SRV records etc

Kevin A. McGrail
On 4/25/2017 4:57 PM, John wrote:
> How likely is it for a DNS to have SRV records for such things as
> smtp. imap ...
> I know that a dumb ? but I am try to guesstimate how big an dewy eyed
> optomist I am being in hoping that they are common practise.
In my experience, very rare, not even sure what I would use them for...
Lots of experience with lots of domains, never used once for SMTP or
IMAP that I can remember...
Reply | Threaded
Open this post in threaded view
|

Re: OT? SRV records etc

Wietse Venema
In reply to this post by John Allen
John:
> How likely is it for a DNS to have SRV records for such things as smtp.
> imap ...
> I know that a dumb ? but I am try to guesstimate how big an dewy eyed
> optomist I am being in hoping that they are common practise.

The SMTP standard RFC 5322 require MX and A lookups but no SRV lookups.

        Wietse
>
Reply | Threaded
Open this post in threaded view
|

Re: OT? SRV records etc

Viktor Dukhovni

> On Apr 25, 2017, at 8:08 PM, Wietse Venema <[hidden email]> wrote:
>
> The SMTP standard RFC 5322 require MX and A lookups but no SRV lookups.

There is an SRV specification for MUAs in https://tools.ietf.org/html/rfc6186

The security picture for this is rather dire at present, and is largely
unsupported by MUAs.  Absent DNSSEC one has little reason to trust the
SRV record, and prompting the user is not especially appealing.

The more recent RFC https://tools.ietf.org/html/rfc7817 valiantly suggests
the use of "SRV-ID" in X.509 certificates to resolve the security issues
without abandoning the "WebPKI" for DNSSEC and DANE, but I simply don't
see much likelihood of CAs starting to issue such certificates.

So, until the world of cafes, airports, hotels, and other places where
mobile devices find themselves these days becomes a lot more friendly
to DNSSEC I don't expect to see much adoption of RFC6186, that is do
not expect much use of SRV records for email in the next decade.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: OT? SRV records etc

Robert Moskowitz
In reply to this post by Kevin A. McGrail


On 04/25/2017 11:10 PM, Kevin A. McGrail wrote:
> On 4/25/2017 4:57 PM, John wrote:
>> How likely is it for a DNS to have SRV records for such things as
>> smtp. imap ...
>> I know that a dumb ? but I am try to guesstimate how big an dewy eyed
>> optomist I am being in hoping that they are common practise.
> In my experience, very rare, not even sure what I would use them
> for... Lots of experience with lots of domains, never used once for
> SMTP or IMAP that I can remember...
>
SRV records are used somewhat regularly for VoIP servers. Particularly
with load balancing them

When I was playing around with Trixbox, I would use them.

I know of large LDAP systems that use them, but they are internal
corporate ones.  Again with load balancing.


Reply | Threaded
Open this post in threaded view
|

RE: OT? SRV records etc

Marius Gologan
In reply to this post by John Allen
Hi,

MS Outlook 2010 and above, W10 Mail clients use SRV _autodiscover._tcp.domain.tld  (and https://autodiscover.domain.tld/autodiscover/ autodiscover.xml)
The XML provides details about protocols, ports, auth., account details, even the Full Name - after the authentication.

I guess was introduces with Exchange ActiveSync (web).  Some mobile phones with ActiveSync might use this mechanism.
Thunderbird uses similar mechanisms, but with different XML.

Regards,
Marius

-----Original Message-----
From: [hidden email] [mailto:[hidden email]] On Behalf Of John
Sent: Tuesday, April 25, 2017 11:58 PM
To: Postfix Users Mailing List
Subject: OT? SRV records etc

How likely is it for a DNS to have SRV records for such things as smtp.
imap ...
I know that a dumb ? but I am try to guesstimate how big an dewy eyed optomist I am being in hoping that they are common practise.