Re: Acceptance of domain literals

From: Kurtis D. Rader (no email)
Date: Fri Jan 02 2004 - 23:03:18 EST

• Next message: Kurtis D. Rader: "Re: Acceptance of domain literals"
• Previous message: Noel Jones: "Re: Please help ... looks like mail is sent to content filter twice"
• Maybe in reply to: Dean Strik: "Re: Acceptance of domain literals"
• Next in thread: Kurtis D. Rader: "Re: Acceptance of domain literals"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I'll have to reply to myself since Mr. Woods chose to reply privately then
refused to accept my reponse:

<>: host mail.weird.com[204.92.254.2] refused to talk to me:
    501-fatal error while validating 'HELO' host name 'skepticism.us'.
    501-connection rejected from 216-99-206-50.cust.aracnet.com remote address
    [216.99.206.50]. 501-Reason given was: 501- No reverse DNS PTR for the
    remote address [216.99.206.50] has a 501 hostname matching
    'skepticism.us'

From: "Kurtis D. Rader" <>
Date: Fri, 2 Jan 2004 19:15:24 -0800
To: "Greg A. Woods" <>
Subject: Re: Acceptance of domain literals

On Fri, 2004-01-02 21:37:51, Greg A. Woods wrote:
> [ On Friday, January 2, 2004 at 17:17:18 (-0800), Kurtis D. Rader wrote:
> ]
> > Subject: Re: Acceptance of domain literals
> >
> > What sorry excuse for a NATing firewall are you talking about?
>
> Yours, for example.

It works just fine for the intended purpose. Yes, it does have some
shortcomings (e.g., not properly handling ICMP PORT_UNREACHABLE replies
which breaks traceroute unless you tell it to use ICMP ECHO instead of UDP
datagrams). But I'm not aware of any flaws that would make it unsuitable
for use between a low-volume Postfix MTA and the Internet. If you know of
such flaws I would be interested in hearing about them, as would the other
readers of postfix-users.

> > What exactly do you mean by "error handling at the connection level
> > will be broken"?
>
> Do you understand all the nitty gritty details about TCP & ICMP? I
> didn't think so.

Yes, I do. I've earned my living doing UNIX system support for the
past 15 years. That includes helping customers like Intel, US West,
and Boeing solve network related problems. Prior to that I was the
admin for a state agency that was one of the first in Oregon to deploy
an Ethernet network (back in the days before TCP/IP was the dominant
protocol). While network protocols are not my primary area of expertise
(system performance) I do have a clue about such matters.

Mr. Wietse provided a cogent answer regarding the potential problems
one might encounter running Postfix behind a NAT router/firewall. You
replied with FUD.

• Next message: Kurtis D. Rader: "Re: Acceptance of domain literals"
• Previous message: Noel Jones: "Re: Please help ... looks like mail is sent to content filter twice"
• Maybe in reply to: Dean Strik: "Re: Acceptance of domain literals"
• Next in thread: Kurtis D. Rader: "Re: Acceptance of domain literals"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]