On 08/17/2010 08:28 PM, JD wrote: > On 08/17/2010 07:50 PM, Daniel B. Thurman wrote: >> On 08/17/2010 05:10 PM, JD wrote: >>> On 08/17/2010 04:56 PM, Craig White wrote: >>>> On Tue, 2010-08-17 at 16:47 -0700, JD wrote: >>>>> On 08/17/2010 03:35 PM, Daniel B. Thurman wrote: >>>>>> On 08/17/2010 02:25 PM, JD wrote: >>>>>>> On 08/17/2010 01:27 PM, Gordon Messmer wrote: >>>>>>>> On 08/17/2010 09:33 AM, JD wrote: >>>>>>>>> Re: a.b.c.d ==> valid.host.name >>>>>>>>> and valid.host.name ==> a.b.c.d >>>>>>>>> does not seem to apply to the google smtp server I use for Thunderbird. >>>>>>>> You did your test entirely backward. You did a forward lookup first, >>>>>>>> and then checked the PTR of the IP which was returned. There is no >>>>>>>> requirement for a PTR to match every hostname that resolves to its IP >>>>>>>> address. >>>>>>>> >>>>>>>> Let's finish your test: >>>>>>>> >>>>>>>> $ host smtp.gmail.com >>>>>>>> smtp.gmail.com is an alias for gmail-smtp-msa.l.google.com. >>>>>>>> gmail-smtp-msa.l.google.com has address 74.125.155.109 >>>>>>>> >>>>>>>> The result of this test merely identifies an IP address. Now, let's >>>>>>>> test to validate that the IP returns a PTR that resolves to the same IP: >>>>>>>> >>>>>>>> $ host 74.125.155.109 >>>>>>>> 109.155.125.74.in-addr.arpa domain name pointer px-in-f109.1e100.net. >>>>>>>> $ host px-in-f109.1e100.net. >>>>>>>> px-in-f109.1e100.net has address 74.125.155.109 >>>>>>>> >>>>>>>> Yep, totally valid. That IP address has a PTR record, and the hostname >>>>>>>> contained in that PTR resolves back to the same IP address. This host >>>>>>>> is properly configured. >>>>>>>>> So, Thunderbird client does not seem to mind that >>>>>>>>> reverse lookup does not match the name smtp.gmail.com >>>>>>>> Clients rarely do. It's the servers to which you're going to try to >>>>>>>> deliver mail that will mind. >>>>>>> I see! Thanks for the heads up! >>>>>>> At any rate, I am having serious problem with an unwieldy router. >>>>>>> I just posted a message about that. >>>>>> 1) Make sure your ISP is not interfering with your traffic, to direct >>>>>> all traffic to/from your primary router static IP address. You can >>>>>> call them and ask about it. Mine was very helpful and cooperative >>>>>> (spiritone.com) and their rates are good compared with many I have >>>>>> checked. >>>>>> >>>>>> 2) If your ISP router allows, you might be able to set up your router >>>>>> as a pass-through router forwarded to a more robust FW router, >>>>>> or directly to your fedora box to handle the public firewall/NAT. >>>>>> I have a hardware firewall appliance (SonicWall), so my dumb ISP >>>>>> provided router is simply a pass-through router to SonicWall. >>>>>> >>>>>> 3) You state that you have static public IP addresse(s), but do >>>>>> you have a domain name? If so, make sure at the domain >>>>>> name provider (DNP) website that you define your name >>>>>> server addresses and most DNP require at minimum, 2 >>>>>> name servers. I set my name servers to ns1.mydomain.x1 >>>>>> and ns2.mydomain.x2 which is handled by my own domain >>>>>> name servers. Just make sure you configure your name servers >>>>>> properly (forwarders to your ISP name servers). >>>>>> >>>>>> Make sure your sendmail is also properly configured. Since >>>>>> you use Thunderbird as I do, it is IMAP capable, so sendmail >>>>>> needs special setup to support IMAP/Mailldir (as opposed to mbox) >>>>>> handling and I use dovecot as my IMAP server As for the many >>>>>> spams that DO come through, I use sendmail for that - I get VERY >>>>>> MINIMAL spams - and this requires that you carefully and properly >>>>>> setup your sendmail configuration. >>>>>> >>>>>> >>>>>> Once you get though all of this and to make it work, it is well worth it, >>>>>> at least it is for me. >>>>>> >>>>>> FWIW, >>>>>> Dan >>>>>> >>>>> I have done all that. Really. ISP (at&t) has unblocked port 25 >>>>> per my request. So I can indeed smtp out. But when an smtp request >>>>> comes in to the router, the router seems to get confused as to the >>>>> session type - and calls is an Unknown session type, and blocks >>>>> the request. Router has no settings as to what session types are >>>>> and what types can be blocked, and what types can be accepted. >>>>> Session types are opaque to the user as far as configuration goes. >>>>> There are no means to admin session types. >>>>> What else can one expect from a thuggish isp? >>>> ---- >>>> configure your router to forward inward port 25 (TCP) to your mail >>>> server. Shouldn't be that hard to do. >>>> >>>> Craig >>>> >>>> >>> I have done more than that. >>> For all incoming requests (ports 1-65535) are forwarded to my fedora >>> machine, >>> for both tcp and udp. >>> >>> Problem seems to be the firmware of the router (made by 2wire for at&t). >>> it is absulutely the most horible router firmware I have ever used. >>> >>> here's an example of it's brain dead operation: >>> >>> src=74.125.83.47 dst=76.218.80.172 ipprot=6 sport=49645 dport=25 Unknown >>> inbound session stopped >>> >>> And yet, it is confugured to ACCEPT smtp packets. >>> >>> It makes the lame excuse it does not know the inbound session? >>> >>> What a bunch of unmentionable stuff!! >> What is this router you are talking about? Are >> you sure it isn't broken or is in need of a firmware >> update? I have no clue what this router is that you >> are dealing with... care to provide a bit of details >> since you are bitterly complaining about it? >> >> If all else, consider getting another router that you >> know how to configure? >> > Hi Dan, > probably you did not catch the earlier stuff on this thread.... > The router is a 2-wire, but AT&T sells it as their Uverse > router, which handles internet and TV. > You will not find this on the market, because I do not > know which 2-wire model it is. People who have at&t > Uverse know what I'm talking about - but then perhaps > at&t uses different routers in different market zones. > > At any rate, I got things to almost work... > so I am still at it.... > > Cheers, > > JD Ok, well good luck with the router! Dan -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
