Re: Split dns issues

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



 

> -----Original Message-----
> From: centos-bounces@xxxxxxxxxx 
> [mailto:centos-bounces@xxxxxxxxxx] On Behalf Of Les Mikesell
> Sent: Monday, August 03, 2009 11:49
> To: CentOS mailing list
> Subject: Re:  Split dns issues
> 
> Filipe Brandenburger wrote:
> > 
> > On Mon, Aug 3, 2009 at 10:27, Jason Pyeron<jpyeron@xxxxxxxx> wrote:
> >> My worry is the A record for the outsourced mail service is out of 
> >> our control, if it were to change it would be catastrophic.
> > 
> > Well, if you *must* use a name like mx.google.com for your MX, you 
> > could also set up an mx.google.com domain as authoritative in your 
> > domain, and then add an "A" record with your internal mail server 
> > there... It's not beautiful, but it should work.
> 
> One other possibility is that some network equipment (e.g. 
> Cisco PIX) has the ability to apply some NAT rules to DNS 
> responses as they go by. 
>   You'd have to track the actual IP's to alias them, but 
> since the worst-case behavior of not translating would be to 
> get a spam-scan it might not be too bad.  I don't think this 
> will differentiate between mx and other dns responses though, 
> so it could cause trouble if the target IPs are the same as 
> ones used for some other type of access.

I think adding more layers to the cake would be a bad idea for us. And way to
vendor specific.

> 
> Personally, I don't like to rely on features that are 
> vendor-specific like that but it might be a quick fix for 
> this problem.  The real solution would be to configure your 
> sending sendmails to use a MAIL_HUB setting - at least any 

Not all of the systems can be configured as such (policy and/or technology).

> that send enough local mail to matter and always have direct 
> access  to the internal server.
> 
> -- 
>    Les Mikesell
>     lesmikesell@xxxxxxxxx
> 
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
> 



--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-                                                               -
- Jason Pyeron                      PD Inc. http://www.pdinc.us -
- Principal Consultant              10 West 24th Street #100    -
- +1 (443) 269-1555 x333            Baltimore, Maryland 21218   -
-                                                               -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
This message is copyright PD Inc, subject to license 20080407P00.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux