Re: [exim] Exim server behind NAT router (and HELO)

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\Toralf Lund at <-
MMJeremy Harris at ->
Delete this message
Reply to this message
Author: Toralf Lund
Date:  
To: exim-users
Subject: Re: [exim] Exim server behind NAT router (and HELO)
kmb wrote:

>Toralf Lund Wrote:
>
>
>>I'm running an Exim (version 4.43 on Linux) server on a private network
>>
>>with an address-translating router. Works rather well, but the address
>>
>>translation means that the HELO (or maybe it's EHLO? It really makes no
>>
>>difference in this context) won't be valid - so if I e.g. send to the
>>Exim router at work which does HELO checks, I get a HELO warning.
>>That's
>>if I don't use hardcoded addresses or anything in the Exim conf, of
>>course. I can't just insert the info there, either, as the router has
>>dynamic address setup, so the address it translates to as well as the
>>associated hostname might change.
>>
>>Is anyone else running Exim in such a setup? What's the best way to get
>>
>>a correct HELO?
>>
>>- Toralf
>>
>>
>>
>
>
>Yes there is a correct way to configure a MTA behind a NAT router and a
>Dynamic IP address setup... Please use an Upstream Smart host.
>
I've considered that. However, isn't there also an HELO/EHLO involved
when the local MTA passes on data to the smart host, and shouldn't that
be valid, too?

Something else I've been wondering about is if the smarthost may be
dynamically configured, too. Like, can I tell exim to always use the
official MX for the current domain? (I'm looking for a setup that works
without modifications when you e.g. move the PC between your ISP at home
and the LAN at the work.)

> If you
>choose to send email out directly, please be aware that many servers
>will not accept your emails.
>
Like I said elsewhere, I'm aware of the risk. However, it may look like
I'm fortunate enough to be given IP addresses from a range that nobody
has listed (yet) as a "dynamic range" for purposes of address checks.

> Most major ISPs will not even accept it
>if you are comming from a fixed IP address that does not have a proper
>ReverseDNS or one that is carved out of a "traditional dynamic range"
>I had to jump through several hoops with my setup because my Fix IP
>range Is a subset of a larger Dynamic range...
>
>
Urgh. I always thought that purchasing a fixed address would help...

>It is a Nightmare and not worth the trouble you are going to find...
>But, It's your server and your Email so you can do what you want with
>it..
>
>Kevin
>
>
>
>




This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] ldap_result loop[exim] Repost - Help with router condition - Repost->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)