Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for mx.microsoft. in M365_BUILDER #3185

Open
ajh0912 opened this issue Nov 1, 2024 · 1 comment · May be fixed by #3191
Open

Support for mx.microsoft. in M365_BUILDER #3185

ajh0912 opened this issue Nov 1, 2024 · 1 comment · May be fixed by #3191

Comments

@ajh0912
Copy link

ajh0912 commented Nov 1, 2024
edited
Loading

Is your feature request related to a problem? Please describe.
Microsoft has recently introduced support for inbound SMTP DANE in Exchange Online, and with it comes a new MX record target that will be in a DNSSEC signed zone.

Implementation would involve changing MX record target from example-com.protection.outlook.com. to example-com.<random-id>.mx.microsoft.
Where <random-id> may be different per-domain. To mitigate DNSSEC performance issues with large zones Microsoft are spreading MX targets across many zones.

Describe the solution you'd like
Currently, M365_BUILDER supports setting an MX record following the example-com.protection.outlook.com. pattern, by using mx: true.

It would be good to also support the example-com.<random-id>.mx.microsoft. pattern.

It could be done by using an additional label of mxHost, defaulting to protection.outlook.com if undefined. This would allow the user to specify mxHost: "<random-id>.mx.microsoft", but could also be used to accommodate the sovereign clouds like Office 365 DOD, or 21Vianet - as they all use different MX target hosts.

Another way would be changing the behaviour of mx to support true, false, or "<any MX target here>".
This would avoid needing another label and wouldn't break backwards compatibility, but I don't know what the opinion on mixing types in a label is.

Describe alternatives you've considered
For domains that we want to use inbound SMTP DANE with, we can set the M365_BUILDER to mx: false and set an MX record manually for example-com.<random-id>.mx.microsoft.
@ajh0912 ajh0912 changed the title Support for o-v1.mx.microsoft in M365_BUILDER Support for mx.microsoft. in M365_BUILDER Nov 4, 2024
@ajh0912 ajh0912 linked a pull request Nov 4, 2024 that will close this issue
Open
@ajh0912
Copy link
Author

ajh0912 commented Nov 4, 2024

I'm not quite sure what the future looks like for functions like M365_BUILDER, with the possibility of deprecating them and standing up a directory of example snippets instead also discussed here for new function request.

I've made PR #3191 in the assumption that M365_BUILDER remains for now, and that the maintainers are okay to further extend its functionality.

I've never contributed to a project that uses Go before, and I have a basic understanding of JS (I'm a systems administrator), so let me know if there's any obvious issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

FEATURE: M365_BUILDER add support for alternative MX hosts ajh0912/dnscontrol
1 participant
@ajh0912