Re: Sendmail on a LAN

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



 On 08/17/2010 08:28 PM, JD wrote:
>   On 08/17/2010 07:50 PM, Daniel B. Thurman wrote:
>>   On 08/17/2010 05:10 PM, JD wrote:
>>>    On 08/17/2010 04:56 PM, Craig White wrote:
>>>> On Tue, 2010-08-17 at 16:47 -0700, JD wrote:
>>>>> On 08/17/2010 03:35 PM, Daniel B. Thurman wrote:
>>>>>>     On 08/17/2010 02:25 PM, JD wrote:
>>>>>>>      On 08/17/2010 01:27 PM, Gordon Messmer wrote:
>>>>>>>> On 08/17/2010 09:33 AM, JD wrote:
>>>>>>>>> Re:  a.b.c.d ==>      valid.host.name
>>>>>>>>> and valid.host.name ==>      a.b.c.d
>>>>>>>>> does not seem to apply to the google smtp server I use for Thunderbird.
>>>>>>>> You did your test entirely backward.  You did a forward lookup first,
>>>>>>>> and then checked the PTR of the IP which was returned.  There is no
>>>>>>>> requirement for a PTR to match every hostname that resolves to its IP
>>>>>>>> address.
>>>>>>>>
>>>>>>>> Let's finish your test:
>>>>>>>>
>>>>>>>> $ host smtp.gmail.com
>>>>>>>> smtp.gmail.com is an alias for gmail-smtp-msa.l.google.com.
>>>>>>>> gmail-smtp-msa.l.google.com has address 74.125.155.109
>>>>>>>>
>>>>>>>> The result of this test merely identifies an IP address.  Now, let's
>>>>>>>> test to validate that the IP returns a PTR that resolves to the same IP:
>>>>>>>>
>>>>>>>> $ host 74.125.155.109
>>>>>>>> 109.155.125.74.in-addr.arpa domain name pointer px-in-f109.1e100.net.
>>>>>>>> $ host px-in-f109.1e100.net.
>>>>>>>> px-in-f109.1e100.net has address 74.125.155.109
>>>>>>>>
>>>>>>>> Yep, totally valid.  That IP address has a PTR record, and the hostname
>>>>>>>> contained in that PTR resolves back to the same IP address.  This host
>>>>>>>> is properly configured.
>>>>>>>>> So, Thunderbird client does not seem to mind that
>>>>>>>>> reverse lookup does not match the name smtp.gmail.com
>>>>>>>> Clients rarely do.  It's the servers to which you're going to try to
>>>>>>>> deliver mail that will mind.
>>>>>>> I see! Thanks for the heads up!
>>>>>>> At any rate, I am having serious problem with an unwieldy router.
>>>>>>> I just posted a message about that.
>>>>>> 1) Make sure your ISP is not interfering with your traffic, to direct
>>>>>>        all traffic to/from your primary router static IP address.  You can
>>>>>>        call them and ask about it.  Mine was very helpful and cooperative
>>>>>>        (spiritone.com) and their rates are good compared with many I have
>>>>>>        checked.
>>>>>>
>>>>>> 2) If your ISP router allows, you might be able to set up your router
>>>>>>        as a pass-through router forwarded to a more robust FW router,
>>>>>>        or directly to your fedora box to handle the public firewall/NAT.
>>>>>>        I have a hardware firewall appliance (SonicWall), so my dumb ISP
>>>>>>        provided router is simply a pass-through router to SonicWall.
>>>>>>
>>>>>> 3) You state that you have static public IP addresse(s), but do
>>>>>>        you have a domain name?  If so, make sure at the domain
>>>>>>        name provider (DNP) website that you define your name
>>>>>>        server addresses and most DNP require at minimum, 2
>>>>>>        name servers. I set my name servers to ns1.mydomain.x1
>>>>>>        and ns2.mydomain.x2 which is handled by my own domain
>>>>>>        name servers. Just make sure you configure your name servers
>>>>>>        properly (forwarders to your ISP name servers).
>>>>>>
>>>>>>        Make sure your sendmail is also properly configured.  Since
>>>>>>        you use Thunderbird as I do, it is IMAP capable, so sendmail
>>>>>>        needs special setup to support IMAP/Mailldir (as opposed to mbox)
>>>>>>        handling and I use dovecot as my IMAP server As for the many
>>>>>>        spams that DO come through, I use sendmail for that - I get VERY
>>>>>>        MINIMAL spams - and this requires that you carefully and properly
>>>>>>        setup your sendmail configuration.
>>>>>>
>>>>>>
>>>>>> Once you get though all of this and to make it work, it is well worth it,
>>>>>> at least it is for me.
>>>>>>
>>>>>> FWIW,
>>>>>> Dan
>>>>>>
>>>>> I have done all that. Really. ISP (at&t) has unblocked port 25
>>>>> per my request. So I can indeed smtp out. But when an smtp request
>>>>> comes in to the router, the router seems to get confused as to the
>>>>> session type - and calls is an Unknown session type, and blocks
>>>>> the request. Router has no settings as to what session types are
>>>>> and what types can be blocked, and what types can be accepted.
>>>>> Session types are opaque to the user as far as configuration goes.
>>>>> There are no means to admin session types.
>>>>> What else can one expect from a thuggish isp?
>>>> ----
>>>> configure your router to forward inward port 25 (TCP) to your mail
>>>> server. Shouldn't be that hard to do.
>>>>
>>>> Craig
>>>>
>>>>
>>> I have done more than that.
>>> For all incoming requests (ports 1-65535) are forwarded to my fedora
>>> machine,
>>> for both tcp and udp.
>>>
>>> Problem seems to be the firmware of the router (made by 2wire for at&t).
>>> it is absulutely the most horible router firmware I have ever used.
>>>
>>> here's an example of it's brain dead operation:
>>>
>>> src=74.125.83.47 dst=76.218.80.172 ipprot=6 sport=49645 dport=25 Unknown
>>> inbound session stopped
>>>
>>> And yet, it is confugured to ACCEPT smtp packets.
>>>
>>> It makes the lame excuse it does not know the inbound session?
>>>
>>> What a bunch of unmentionable stuff!!
>> What is this router you are talking about?  Are
>> you sure it isn't broken or is in need of a firmware
>> update?  I have no clue what this router is that you
>> are dealing with...  care to provide a bit of details
>> since you are bitterly complaining about it?
>>
>> If all else, consider getting another router that you
>> know how to configure?
>>
> Hi Dan,
> probably you did not catch the earlier stuff on this thread....
> The router is a 2-wire, but AT&T sells it as their Uverse
> router, which handles internet and TV.
> You will not find this on the market, because I do not
> know which 2-wire model it is. People who have at&t
> Uverse know what I'm talking about - but then perhaps
> at&t uses different routers in different market zones.
>
> At any rate, I got things to almost work...
> so I am still at it....
>
> Cheers,
>
> JD
Ok, well good luck with the router!

Dan

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux