On Mon, 10 May 2021 at 01:17, Matus UHLAR - fantomas via Dnsmasq-discuss < dnsmasq-discuss@lists.thekelleys.org.uk> wrote:
> On 08.05.21 22:44, Mark wrote:
> >Thanks for the suggestion Petr - have put a DNAT rule in place - does the
> >job. :)
>
> at least until one of your clients start complaining that you are hijacking
> their SMTP connections, which may lead to legal issues.
>

Thanks for your message - not directly related to my question, but I appreciate the assumptions, opinion and opportunity to discuss.

Given the non-deterministic nature of SMTP (there's no guarantee of how or when a message will be delivered), I'm surprised that unsigned, unencrypted messages have any legal standing whatsoever - however, legal systems are a law to themselves (so to speak).

So, I agree, some jurisdictions *may* determine intercepting (or "hijacking") SMTP connections has legal implications (although I personally think this would be a stretch)..however, I'm 100% certain my 'clients' won't start complaining (never have, never will!). ;)

Thanks again,

Mark

>
> >On Sat, 8 May 2021 at 06:33, Petr Menšík <pemen...@redhat.com> wrote:
> >> I don't think there exists way to do what you requested using dnsmasq.
> >>
> >> However, it might work to DNAT rule outgoing SMTP connections to your
> >> smarthost, moving this decision from DNS to IP firewall/NAT. Could be
> >> done only on some gateway of course.
> >>
> >> But I think your users would not like such redirection, I think blocking
> >> outgoing ports and requesting manual configuration from clients might be
> >> more acceptable. Just my 2 cents.
>
> >> On 5/7/21 4:05 PM, Mark wrote:
> >> > I know there are MX related configuration options which can be used in
> >> > dnsmasq.conf (mx-host, mx-target, selfmx and localmx) - however, none of
> >> > them appear to be able to deliver the specific functionality I'm looking
> >> > for...here's what I'm trying to do...
> >> >
> >> > I have an internal network that is using dnsmasq for name resolution and
> >> > some (not all) hosts are using it for DHCP.
> >> >
> >> > I would like dnsmasq to deliver a single MX record back to MX queries
> >> > from hosts on my internal network no matter what mail domain is being
> >> > included in their MX query - i.e. a 'wildcard MX' (which I'll point to
> >> > my SMTP smarthost).
> >> >
> >> > The description of the 'mx-host' option in dnsmasq's man page makes
> >> > reference to this type of requirement ("for directing mail from systems
> >> > on a LAN to a central server") - however, dnsmasq still appears to need
> >> > to be configured to provide responses only for specifically mail domains
> >> > ("hostname") MX requests.
> >> >
> >> > Essentially, I believe I want to specify a wildcard as the "hostname"
> >> > (really "mail domain").
> >> >
> >> > I wondered if it's possible to deliver this functionality with the
> >> > current dnsmasq?
> >> >
> >> > Appreciate any insights you're able to share.
>
> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> Save the whales. Collect the whole set.
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>