Re: [Exim] I wish HELO had never been thought of!

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Bill Moseley
Dátum:  
Címzett: Exim Users Mailing List
Tárgy: Re: [Exim] I wish HELO had never been thought of!
On Fri, May 16, 2003 at 03:04:31PM -0400, Greg A. Woods wrote:
> [ On Friday, May 16, 2003 at 05:28:18 (-0700), moseley@??? wrote: ]
> > Subject: Re: [Exim] I wish HELO had never been thought of!
> >
> > So what's the proper exim setup when machines are on a NAT'ed network?
>
> The NAT _MUST_ appear to be invisible for all intents and purposes, no
> matter which way the SMTP connection is going through it.


I assume that does not include a received header that might track internal flow.

> If you can't get the mailer behind the NAT to work properly and
> transparently and fully honour all the rules of SMTP and DNS, just as if
> the NAT were not there, then you have a bogus and invalid configuration.


So the options suggested so far:

- use a smarthost

- spoof my HELO to be my NAT machine so reverse works

- add "external" view DNS A records for my internal machines all pointing to my NAT machine
so reverse works.

I think the smarthost is the best plan, and then pick some method to securely use the
smarthost when I'm on the outside of the smarthost.

Thanks,


--
Bill Moseley
moseley@???