Re: Sendmail on a LAN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



  On 08/17/2010 04:56 PM, Craig White wrote:
> On Tue, 2010-08-17 at 16:47 -0700, JD wrote:
>> On 08/17/2010 03:35 PM, Daniel B. Thurman wrote:
>>>    On 08/17/2010 02:25 PM, JD wrote:
>>>>     On 08/17/2010 01:27 PM, Gordon Messmer wrote:
>>>>> On 08/17/2010 09:33 AM, JD wrote:
>>>>>> Re:  a.b.c.d ==>     valid.host.name
>>>>>> and valid.host.name ==>     a.b.c.d
>>>>>> does not seem to apply to the google smtp server I use for Thunderbird.
>>>>> You did your test entirely backward.  You did a forward lookup first,
>>>>> and then checked the PTR of the IP which was returned.  There is no
>>>>> requirement for a PTR to match every hostname that resolves to its IP
>>>>> address.
>>>>>
>>>>> Let's finish your test:
>>>>>
>>>>> $ host smtp.gmail.com
>>>>> smtp.gmail.com is an alias for gmail-smtp-msa.l.google.com.
>>>>> gmail-smtp-msa.l.google.com has address 74.125.155.109
>>>>>
>>>>> The result of this test merely identifies an IP address.  Now, let's
>>>>> test to validate that the IP returns a PTR that resolves to the same IP:
>>>>>
>>>>> $ host 74.125.155.109
>>>>> 109.155.125.74.in-addr.arpa domain name pointer px-in-f109.1e100.net.
>>>>> $ host px-in-f109.1e100.net.
>>>>> px-in-f109.1e100.net has address 74.125.155.109
>>>>>
>>>>> Yep, totally valid.  That IP address has a PTR record, and the hostname
>>>>> contained in that PTR resolves back to the same IP address.  This host
>>>>> is properly configured.
>>>>>> So, Thunderbird client does not seem to mind that
>>>>>> reverse lookup does not match the name smtp.gmail.com
>>>>> Clients rarely do.  It's the servers to which you're going to try to
>>>>> deliver mail that will mind.
>>>> I see! Thanks for the heads up!
>>>> At any rate, I am having serious problem with an unwieldy router.
>>>> I just posted a message about that.
>>> 1) Make sure your ISP is not interfering with your traffic, to direct
>>>       all traffic to/from your primary router static IP address.  You can
>>>       call them and ask about it.  Mine was very helpful and cooperative
>>>       (spiritone.com) and their rates are good compared with many I have
>>>       checked.
>>>
>>> 2) If your ISP router allows, you might be able to set up your router
>>>       as a pass-through router forwarded to a more robust FW router,
>>>       or directly to your fedora box to handle the public firewall/NAT.
>>>       I have a hardware firewall appliance (SonicWall), so my dumb ISP
>>>       provided router is simply a pass-through router to SonicWall.
>>>
>>> 3) You state that you have static public IP addresse(s), but do
>>>       you have a domain name?  If so, make sure at the domain
>>>       name provider (DNP) website that you define your name
>>>       server addresses and most DNP require at minimum, 2
>>>       name servers. I set my name servers to ns1.mydomain.x1
>>>       and ns2.mydomain.x2 which is handled by my own domain
>>>       name servers. Just make sure you configure your name servers
>>>       properly (forwarders to your ISP name servers).
>>>
>>>       Make sure your sendmail is also properly configured.  Since
>>>       you use Thunderbird as I do, it is IMAP capable, so sendmail
>>>       needs special setup to support IMAP/Mailldir (as opposed to mbox)
>>>       handling and I use dovecot as my IMAP server As for the many
>>>       spams that DO come through, I use sendmail for that - I get VERY
>>>       MINIMAL spams - and this requires that you carefully and properly
>>>       setup your sendmail configuration.
>>>
>>>
>>> Once you get though all of this and to make it work, it is well worth it,
>>> at least it is for me.
>>>
>>> FWIW,
>>> Dan
>>>
>> I have done all that. Really. ISP (at&t) has unblocked port 25
>> per my request. So I can indeed smtp out. But when an smtp request
>> comes in to the router, the router seems to get confused as to the
>> session type - and calls is an Unknown session type, and blocks
>> the request. Router has no settings as to what session types are
>> and what types can be blocked, and what types can be accepted.
>> Session types are opaque to the user as far as configuration goes.
>> There are no means to admin session types.
>> What else can one expect from a thuggish isp?
> ----
> configure your router to forward inward port 25 (TCP) to your mail
> server. Shouldn't be that hard to do.
>
> Craig
>
>
I have done more than that.
For all incoming requests (ports 1-65535) are forwarded to my fedora 
machine,
for both tcp and udp.

Problem seems to be the firmware of the router (made by 2wire for at&t).
it is absulutely the most horible router firmware I have ever used.

here's an example of it's brain dead operation:

src=74.125.83.47 dst=76.218.80.172 ipprot=6 sport=49645 dport=25 Unknown 
inbound session stopped

And yet, it is confugured to ACCEPT smtp packets.

It makes the lame excuse it does not know the inbound session?

What a bunch of unmentionable stuff!!


-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux