Am 04.04.2011 02:22, schrieb Vincent Lefevre: >> why not? > > Because strictly speaking, due to NAT, the DNS would lie. I mean that > the address would not be the address of the machine sending the mail, > but the address of the router.
nobody out there is interested on your NAT the server on the other side is seeing only your public address and your public adress have a hostname / ptr and your postfix should match this hostname the dns do not lie, you never connect outside with anything of your NAT because the nature of NAt is to be transparent >> EHLO/HELO, A, PTR are matching >> where is the problem? > > They won't even necessarily match for some machines. For instance, > one of them is a laptop, which is not always on the same network. > I suppose that should not be a problem, but who knows... that is why you should NOT direct mail from every single machine and setup ONE LAN-Relay which normally use a clean relay-host and does NOT direct send mails as long it is not needed so you can comment out realy-host temorary, restart postfix and all other machines in your LAN are working as expected now you come even with "direct send from a notebook" jesus christ this is really ignorant! > Even an address literal in square brackets isn't reliable: I had been > testing this for a couple of weeks and I got a reject a few minutes > ago: > > Helo command rejected: IP literal in HELO hostname (in > reply to RCPT TO command) that is why i said "do not send directly" unless your whole configuration is clean (dns, HELO,...) and as long you want that your messages are received and not rejected or even silently dropped
signature.asc
Description: OpenPGP digital signature
