Re: Acceptance of domain literals

From: Kurtis D. Rader (no email)
Date: Fri Jan 02 2004 - 23:05:59 EST

Next message: adi: "PATCH: smtp_connection_maps"
Previous message: Kurtis D. Rader: "Re: Acceptance of domain literals"
Maybe in reply to: Dean Strik: "Re: Acceptance of domain literals"
Next in thread: (no name): "Re: Acceptance of domain literals"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, 2004-01-02 17:02:08, Kurtis D. Rader wrote:
> On Fri, 2004-01-02 14:01:46, Greg A. Woods wrote:
> > Personally I would never ever even dream of running a mail server behind
> > a NAT. This is far from the only problem you'll encounter.
>
> Huh? I run it on a Linux system behind a Linksys router that is performing
> NAT for me. Works fine.

I'll have to reply to myself since Mr. Woods chose to reply privately then
refused to accept my reponse:

Final-Recipient: rfc822;
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; host mail.weird.com[204.92.254.2] refused to
talk
    to me: 501-fatal error while validating 'HELO' host name 'skepticism.us'.
    501-connection rejected from 216-99-206-50.cust.aracnet.com remote address
    [216.99.206.50]. 501-Reason given was: 501- No reverse DNS PTR for the
    remote address [216.99.206.50] has a 501 hostname matching
    'skepticism.us'

From: "Kurtis D. Rader" <>
Date: Fri, 2 Jan 2004 19:12:33 -0800
To: "Greg A. Woods" <>
Subject: Re: Acceptance of domain literals

On Fri, 2004-01-02 21:37:09, Greg A. Woods wrote:
> A really simple NAT implementation like that will definitely cause
> problems. You might not always be aware of them.

I'll grant you that many people using such equipment may be unaware of
the limitations and issues. But I assure you I'm not one of them.

The primary reason for using a Linksys NATing router/firewall is
that at the time (approx. 3 years ago) it was the only cost-effective
solution that supported multiple systems on the internal network and
also correctly NAT routed IPsec (necessary for VPN access to IBM's
private network). Since it hasn't died and meets my present needs I
haven't seen a need to replace it with a more capable solution.

> You're undoutably also in a situation where either you're not supposed to
> be running any servers, or at least you're not expected to be doing so.

How the heck did you come to that conclusion? I've leased a static IP from
my ISP (aracnet.com) for the express purpose of running web, email, and
other servers and have their express consent.

-- 
Kurtis D. Rader
+1 503-531-8274

Next message: adi: "PATCH: smtp_connection_maps"
Previous message: Kurtis D. Rader: "Re: Acceptance of domain literals"
Maybe in reply to: Dean Strik: "Re: Acceptance of domain literals"
Next in thread: (no name): "Re: Acceptance of domain literals"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Invaluement Anti-Spam DNSBLs