Re: [exim] Exim server behind NAT router (and HELO)

Top Page
Delete this message
Reply to this message
Author: Marc Sherman
Date:  
To: Matt Fretwell
CC: exim
Subject: Re: [exim] Exim server behind NAT router (and HELO)
Matt Fretwell wrote:
>
> Hell, no :) Although this subject is one of my major gripes, (and I
> can whinge emphatically about it), I am also enough of a realist to
> know that most forms of HELO restriction will cause more harm than
> good. Apart from blatant HELO deviations, I am very lenient in my
> HELO restrictions. I don't really have much choice unless I wish to
> block a good 15% + of smtp clients|servers :)
>
> As a general point, how long would it take you to add an entry in DNS
> to make that a valid hostname? What reason is there not to?


Well, I wouldn't want to solve the problem that way; rather, I'd
configure exim to EHLO as projectile.ca. The pyloric.projectile.ca name
resolves internally to a private IP address used on the internal
network, and I want to keep it that way. Having a name resolve to two
different IP addresses, on different networks, would be Bad Thing.

I'd rather not change things, though. I think it's a feature that my
outgoing mail is logged the way it is in Received headers -- if those
headers ever get sent back to me as part of an abuse report, it tells me
exactly where on my internal network the mail originated from. That's
an example of the debugging purposes that, IMO, the RFC requirement is
there for in the first place.

- Marc