In DNS, I have service.example.com. CNAME box.example.com. When sending email automatically to about 10,000 adresses (no worries, nothing sinister), I set envelope-from to [email protected]. Of the bounces that come back, about 70% have envelope-to set to [email protected] (which is what I would expect), but about 30% have envelope-to to [email protected].
What is going on here? Do some MTAs change envelope-to when they discover a CNAME? Which MTAs?
Is it a good idea to use an A record instead of a CNAME for service.example.com.?
Yes, some MTA rewrite addresses, usually sendmail with custom macros that are trying to consolidate multiple internal (formerly external) domains into one consistent external domain.
Your bounce percentages might also be explained by the level at which the bounce came back. For example, a bounce from your edge MTA might well look different than a bounce from someone else's MTA.
I cannot speak for the exact performance in your situation due to lack of details.
The
Return-Path:header is specified by the MDA, which uses the address identified in theMAIL FROMcommand.The MTA typically defaults the
MAIL FROMas the user sending the mail. For example, callingqmail-injectwith the-fflag can change theReturn-Pathto the specified e-Mail address.For example, my username is warner on the awesomebox(.awesomedomain.org) server. If I send an e-Mail using mutt and specify the
From:header as [email protected], the MTA (QMAIL) is going to default to specifying theMAIL FROMas [email protected].The same performance would apply to CGI running via Apache, it would default the
Return-Pathto the user Apache runs as.According to RFC 1123 your MX record must point to a hostname with an A record (and/or AAAA for IPv6), and never to one with a CNAME!