On 4/6/20 3:17 PM, Ashley Dixon wrote:
> Hello,

Hi,

> [O.T.] Unfortunately, Grant, I cannot reply to your direct e-mail. My
> best guess is that you have a protection method in place in the
> event that the reverse D.N.S. does not match the forward?

You're close. I do require reverse DNS. I will log a warning if
forward and reverse don't match, but the email should still flow. Lack
of reverse DNS is problematic though.

> As I'm on a domestic I.P., this is out of my control (i.e., `nslookup
> mail.suugaku.co.uk` returns my I.P., but `nslookup <I.P.>` returns
> some obscure hostname provided by my I.S.P.).

Oops!

Been there. Done that.

I've added your mail server's name & IPv4 & IPv6 addresses to my
/etc/hosts file. Please try again. I'll also send you an email from an
alternate address.

Sadly, it doesn't look like you can use the hack that I've used in the past.

If forward and reverse DNS do match <something>, you can configure your
outgoing email server to simply use that name when talking to the
outside world.

Unfortunately, it doesn't look like you can do that because the forward
DNS doesn't return an A / AAAA record for the name that the PTR
returns.

> This sounds quite enticing; I'll have a look, thanks :)

:-)

> I didn't mean to infer that my back-up server would be different to my
> primary server, as my primary is rather minimal. And yes, good point,
> I suppose if anything, I should have tougher anti-spam measures on
> my backup MX :)

For simplicity and consistency's sake, I'd encourage you to have the same
spam / virus / hygiene filtering on all mail servers that you control.

> This is what I was intending to do. I hadn't even considered
> dynamically playing with the D.N.S., given that addresses are commonly
> cached for a short period to avoid hammering name-servers (?)

You have influence on how long things are cached for by adjusting the
TTL value in your DNS.

I say "influence" vs "control" because not all recursive DNS servers
honor the TTL value that you specify. Some servers set a lower and / or
upper bound on the TTL that they will honor.

> Oh my goodness, I feel silly now :) I was considering just using
> courier to catch the incoming mail, and then rsync it over to my
> primary when it comes back on-line,

I suppose that you could have a fully functional mail server, including
delivering to mailboxes and then synchronizing the mailboxes between the
servers. But that would be more work, and I'm guessing that's contrary
to the simple alternate server that I think you are after.

> but using an S.M.T.P.-forwarder certainly seems more elegant.

;-)

> Cheers for your help and detailed explanations Grant. Not only will
> your suggestions make my humble mail server operate better, but it's
> also great fun to set up :)

You're quite welcome.

--
Grant. . . .
unix || die
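
The policy described in the message above (reverse DNS required, a warning when forward and reverse disagree) written out as a forward-confirmed reverse DNS check. This is an added example, not part of the original e-mail or of any mail server's code; the function names are hypothetical and the lookup tables use constructed names and documentation-range addresses.

```python
import ipaddress
import socket

def system_ptr(ip):
    """PTR names for ip from the system resolver; [] when there is no reverse DNS."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]

def system_forward(name):
    """A/AAAA addresses for name from the system resolver; [] when it does not resolve."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return [info[4][0] for info in infos]

def fcrdns(client_ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return (verdict, confirmed_name): reject, warn (mail still flows) or accept."""
    ip = ipaddress.ip_address(client_ip)
    names = ptr_lookup(client_ip)
    if not names:
        return ("reject", None)  # no PTR record at all
    for name in names:
        for addr in forward_lookup(name):
            try:
                if ipaddress.ip_address(addr.split("%")[0]) == ip:
                    return ("accept", name.rstrip(".").lower())
            except ValueError:
                continue  # resolver returned something that is not an address
    return ("warn", None)  # PTR exists, but no PTR name maps back to the client

# Constructed sample data: an ISP-assigned PTR with no A/AAAA record, and a matched pair.
PTR = {
    "203.0.113.25": ["host-203-0-113-25.isp.example."],
    "192.0.2.10": ["mx.example.net."],
    "2001:db8::25": ["mx.example.net."],
}
FWD = {
    "mx.example.net.": ["192.0.2.10", "2001:0db8:0000:0000:0000:0000:0000:0025"],
    "host-203-0-113-25.isp.example.": [],
}

def demo(ip):
    """Run the check against the constructed tables instead of live DNS."""
    return fcrdns(ip, lambda i: PTR.get(i, []), lambda n: FWD.get(n, []))
```

Calling `fcrdns(ip)` with no other arguments uses the system resolver instead of the constructed tables.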