Sendmail on a LAN
 

On 08/16/2010 12:24 PM, Gregory Woodbury wrote:
>
>
> On Mon, Aug 16, 2010 at 1:46 PM, JD <jd1008@gmail.com
> <mailto:jd1008@gmail.com>> wrote:
>
> I read the wiki for setting up and configuring sendmail
> http://www.wikihow.com/Configure-Sendmail
>
> Clearly, a full setup of DNS server for your domain
> must be set up, per this wiki, along with mx records ...etc.
>
> Does this prevent one from settiing up and using sendmail
> on a LAN to send and receive email to/from the outside world?
>
>
> In a word, no.
>
> Get a dyndns.com <http://dyndns.com> name for your router public ip
> address and set up at
> dyndns to get mail delivered to that name. Set your router to forward
> incoming SMTP
> to the appropriate machine and go from there.
>
> The main router is set up to forward all necessary ports
> (smtp, pop, pop3, ....etc) to the machine which would run
> sendmail. The firewall on the machine is set up to allow
> packets to/from these ports.
>
> I understand that some things need to be set up so that sendmail
> sends headers that use a routable IP address as the source of
> the message. Is it possible to make sendmail use my router's
> public IP address in the message headers? How?
>
>
> Sendmail doesn't use IPs *per se* but using the name you get is necessary.
> For example (some names changed to protect the guilty):
>
> my machine "masquerades" as wolves.durham.nc.us
> <http://wolves.durham.nc.us> with the MX for that domain
> pointing to my router's name via dyndns.com <http://dyndns.com>. The
> router port forwards 25 to the
> appropriate machine and the conversations carry on as usual.
>
> Outgoing, I have sendmail using gmail as my smart host, with appropriate
> authconfig settings for my gmail account.
>
> The key is to "MASQUERADE AS" in the sendmail.mc <http://sendmail.mc>
> file.
> MASQUERADE_AS(`wolves.example.net <http://wolves.example.net>')dnl
> FEATURE(masquerade_envelope)dnl
> This tells sendmail to use the name you want.
>
> Hope this Helps
> --
> G.Wolfe Woodbury
>
Thank you Gregory.
I will try it.

Cheers,

JD
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/16/2010 10:46 AM, JD wrote:
>
> Clearly, a full setup of DNS server for your domain
> must be set up, per this wiki, along with mx records ...etc.
>
> Does this prevent one from settiing up and using sendmail
> on a LAN to send and receive email to/from the outside world?

Not by itself, but I don't like the advice in that tutorial. It
suggests a configuration with a catch-all address. Long-term, you'll
find that you have to turn this off or else your catch-all will receive
an enormous amount of spam sent by spammers who used a dictionary attack
and found that every address they test is valid on your system. Without
a catch-all, there's no purpose in using the virtual user feature at
all, so the howto is somewhat more complicated than it needs to be.

Beyond that, it does not address several practical concerns with setting
up a mail server. First, you'll need a static address and a proper PTR
for it. You won't be able to set up a PTR without a static address, and
if the reverse lookup for your IP address isn't valid, many systems will
refuse your mail. The reverse lookup (PTR) for your address must be a
hostname that resolves to your IP.

aa.bb.cc.dd -> PTR myhost.example.com
myhost.example.com -> A aa.bb.cc.dd

You should also look up your IP address on a blacklist watcher:
http://www.dnswatch.info/dns/rbl-lookup

If you're listed in one of the dynamic IP blacklists, you want to set up
a smart host through which you'll relay mail. Many sites will otherwise
reject your messages. Likewise, if your ISP prevents you from making
outbound connections to port 25, you'll need to use a smart host,
because you couldn't send mail any other way.

> I understand that some things need to be set up so that sendmail
> sends headers that use a routable IP address as the source of
> the message. Is it possible to make sendmail use my router's
> public IP address in the message headers? How?

No, that's not quite right. Sendmail should be configured to use a
valid hostname for HELO, but the IP address will be recorded in a header
which is set by the receiver of the message. You can't do anything to
change that.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/17/2010 08:47 AM, Gordon Messmer wrote:
> On 08/16/2010 10:46 AM, JD wrote:
>> Clearly, a full setup of DNS server for your domain
>> must be set up, per this wiki, along with mx records ...etc.
>>
>> Does this prevent one from settiing up and using sendmail
>> on a LAN to send and receive email to/from the outside world?
> Not by itself, but I don't like the advice in that tutorial. It
> suggests a configuration with a catch-all address. Long-term, you'll
> find that you have to turn this off or else your catch-all will receive
> an enormous amount of spam sent by spammers who used a dictionary attack
> and found that every address they test is valid on your system. Without
> a catch-all, there's no purpose in using the virtual user feature at
> all, so the howto is somewhat more complicated than it needs to be.
>
> Beyond that, it does not address several practical concerns with setting
> up a mail server. First, you'll need a static address and a proper PTR
> for it. You won't be able to set up a PTR without a static address, and
> if the reverse lookup for your IP address isn't valid, many systems will
> refuse your mail. The reverse lookup (PTR) for your address must be a
> hostname that resolves to your IP.
>
> aa.bb.cc.dd -> PTR myhost.example.com
> myhost.example.com -> A aa.bb.cc.dd
>
> You should also look up your IP address on a blacklist watcher:
> http://www.dnswatch.info/dns/rbl-lookup
>
> If you're listed in one of the dynamic IP blacklists, you want to set up
> a smart host through which you'll relay mail. Many sites will otherwise
> reject your messages. Likewise, if your ISP prevents you from making
> outbound connections to port 25, you'll need to use a smart host,
> because you couldn't send mail any other way.
>
>> I understand that some things need to be set up so that sendmail
>> sends headers that use a routable IP address as the source of
>> the message. Is it possible to make sendmail use my router's
>> public IP address in the message headers? How?
> No, that's not quite right. Sendmail should be configured to use a
> valid hostname for HELO, but the IP address will be recorded in a header
> which is set by the receiver of the message. You can't do anything to
> change that.

Well, that's very interesting.
I am on the verge of giving up.

Re: a.b.c.d ==> valid.host.name
and valid.host.name ==> a.b.c.d

does not seem to apply to the google smtp server I use for Thunderbird.
To wit:

$ nslookup
> smtp.gmail.com
Server: 156.154.70.1
Address: 156.154.70.1#53

Non-authoritative answer:
smtp.gmail.com canonical name = gmail-smtp-msa.l.google.com.
Name: gmail-smtp-msa.l.google.com
Address: 74.125.127.109


> 74.125.127.109
Server: 156.154.70.1
Address: 156.154.70.1#53

Non-authoritative answer:
109.127.125.74.in-addr.arpa name = pz-in-f109.1e100.net.

Authoritative answers can be found from:


> pz-in-f109.1e100.net
Server: 156.154.70.1
Address: 156.154.70.1#53

Non-authoritative answer:
Name: pz-in-f109.1e100.net
Address: 74.125.127.109


So, Thunderbird client does not seem to mind that
reverse lookup does not match the name smtp.gmail.com

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On Mon, 2010-08-16 at 15:24 -0400, Gregory Woodbury wrote:
> Get a dyndns.com name for your router public ip address and set up at
> dyndns to get mail delivered to that name.

Of course, if your IP changes, then mail is going to get screwed up
during the time it takes for next delivery attempt to go to your new IP
address, instead of the old one.

Dyndns, and other such things, are useful for giving yourself a hostname
that you can control, to a static IP. But aren't going to be much good
if you have a dynamic IP. Private webserving's easy enough with a
varying IP, mail serving's another matter.


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/17/2010 09:36 AM, Tim wrote:
> On Mon, 2010-08-16 at 15:24 -0400, Gregory Woodbury wrote:
>> Get a dyndns.com name for your router public ip address and set up at
>> dyndns to get mail delivered to that name.
> Of course, if your IP changes, then mail is going to get screwed up
> during the time it takes for next delivery attempt to go to your new IP
> address, instead of the old one.
>
> Dyndns, and other such things, are useful for giving yourself a hostname
> that you can control, to a static IP. But aren't going to be much good
> if you have a dynamic IP. Private webserving's easy enough with a
> varying IP, mail serving's another matter.
>
>
My router's public IP address is static. So that is not a problem.
But per other replies on this list, it sounds like
a complicated puzzle to solve.
I have a dyndns name. and it maps onto my router's static IP
address. But I think at&t is blocking port 25.
I will have to talk to them and see if they will open it up.
I really need a tutorial on how I can accomplish this when
my sendmail machine is on a LAN.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/17/2010 12:09 PM, JD wrote:
> My router's public IP address is static. So that is not a problem.
> But per other replies on this list, it sounds like
> a complicated puzzle to solve.
> I have a dyndns name. and it maps onto my router's static IP
> address. But I think at&t is blocking port 25.
> I will have to talk to them and see if they will open it up.
> I really need a tutorial on how I can accomplish this when
> my sendmail machine is on a LAN.
I don't know if it is the same where you are, but here in Milwaukee
AT&T blocks outgoing connections to port 25 to anything but their
own mail servers. But if you ask, and have a reasonable excuse, they
will open it up for you. I am not sure about incoming port 25
connections, as I have not asked to have one opened up.

Mikkel
--

Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/17/2010 12:36 PM, Tim wrote:
> Dyndns, and other such things, are useful for giving yourself a hostname
> that you can control, to a static IP. But aren't going to be much good
> if you have a dynamic IP. Private webserving's easy enough with a
> varying IP, mail serving's another matter.
>
You can update dyndns every month even if your ip changes. MY IP lease
used to last a month.. YMMV
I decided to go the extra mile & $5 a month & get a static IP..

--
Paul Cartwright
Registered Linux user # 367800
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On Tue, Aug 17, 2010 at 10:09:55AM -0700, JD wrote:
> On 08/17/2010 09:36 AM, Tim wrote:
> > On Mon, 2010-08-16 at 15:24 -0400, Gregory Woodbury wrote:
> >> Get a dyndns.com name for your router public ip address and set up at
> >> dyndns to get mail delivered to that name.
> > Of course, if your IP changes, then mail is going to get screwed up
> > during the time it takes for next delivery attempt to go to your new IP
> > address, instead of the old one.
> >
> > Dyndns, and other such things, are useful for giving yourself a hostname
> > that you can control, to a static IP. But aren't going to be much good
> > if you have a dynamic IP. Private webserving's easy enough with a
> > varying IP, mail serving's another matter.
> >
> >
> My router's public IP address is static. So that is not a problem.
> But per other replies on this list, it sounds like
> a complicated puzzle to solve.
> I have a dyndns name. and it maps onto my router's static IP
> address. But I think at&t is blocking port 25.
> I will have to talk to them and see if they will open it up.
> I really need a tutorial on how I can accomplish this when
> my sendmail machine is on a LAN.

some years ago, one of those dynamic dns providers (it might have been
dyndns--I can't really remember with any certainty) offered a non-free
service where they would reroute smtp traffic for your domain to some
port other than 25, so you could put your sendmail (or whatever) on some
non-standard port, the whole point being to foil the gestapo-like rules
of some ISPs.

--
-------------------------------------------------------------------------------
Under no circumstances will I ever purchase anything offered to me as
the result of an unsolicited e-mail message. Nor will I forward chain
letters, petitions, mass mailings, or virus warnings to large numbers
of others. This is my contribution to the survival of the online
community.
--Roger Ebert, December, 1996
----------------------------- The Boulder Pledge -----------------------------
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/17/2010 12:56 PM, PaulCartwright wrote:
> On 08/17/2010 12:36 PM, Tim wrote:
>> Dyndns, and other such things, are useful for giving yourself a hostname
>> that you can control, to a static IP. But aren't going to be much good
>> if you have a dynamic IP. Private webserving's easy enough with a
>> varying IP, mail serving's another matter.
>>
> You can update dyndns every month even if your ip changes. MY IP lease
> used to last a month.. YMMV
> I decided to go the extra mile & $5 a month & get a static IP..
>
Every month? I use ddclient to check the router's external IP every 6
minutes. If it changes, I update DYNDNS. (I have a "custom zone" so
DYNDNS handles the DNS for sterndata.com.) Before I switched to Google
for my domain mail, I used to run a mail server here -- before Comcast
blocked incoming and outgong traffic on port 25. FYI, DYNDNS offers a
service called "mail-hop" that will act as your MX server, taking mail
on port 25 and sending it to your internal server on whatever port you
specify.

--
-- Steve
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Sendmail on a LAN
 

On 08/17/2010 11:12 AM, fred smith wrote:
> On Tue, Aug 17, 2010 at 10:09:55AM -0700, JD wrote:
>> On 08/17/2010 09:36 AM, Tim wrote:
>>> On Mon, 2010-08-16 at 15:24 -0400, Gregory Woodbury wrote:
>>>> Get a dyndns.com name for your router public ip address and set up at
>>>> dyndns to get mail delivered to that name.
>>> Of course, if your IP changes, then mail is going to get screwed up
>>> during the time it takes for next delivery attempt to go to your new IP
>>> address, instead of the old one.
>>>
>>> Dyndns, and other such things, are useful for giving yourself a hostname
>>> that you can control, to a static IP. But aren't going to be much good
>>> if you have a dynamic IP. Private webserving's easy enough with a
>>> varying IP, mail serving's another matter.
>>>
>>>
>> My router's public IP address is static. So that is not a problem.
>> But per other replies on this list, it sounds like
>> a complicated puzzle to solve.
>> I have a dyndns name. and it maps onto my router's static IP
>> address. But I think at&t is blocking port 25.
>> I will have to talk to them and see if they will open it up.
>> I really need a tutorial on how I can accomplish this when
>> my sendmail machine is on a LAN.
> some years ago, one of those dynamic dns providers (it might have been
> dyndns--I can't really remember with any certainty) offered a non-free
> service where they would reroute smtp traffic for your domain to some
> port other than 25, so you could put your sendmail (or whatever) on some
> non-standard port, the whole point being to foil the gestapo-like rules
> of some ISPs
Well, that would require that sendmail would have to listen
on that alternate port. How is that accomplished?
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines