In message <64994169-2c87-4029-9c31-0765608f4...@opendmz.com>, 
Christopher van de Sande <cvandesa...@opendmz.com> wrote:

>Yes absolutely correct
>
>If your server at home is online then it will pass through your cloud VM in
>mere seconds.  If your home server is offline then it will continue trying
>to deliver at intervals which you can also configure

Perfect.  Just perfect.

Thank you Postfix!  Thank you Wietse!  Thank you everybody!  This is
going to be simpler than I had anticipated, I think.  (Knock on wood.)

I do have just a couple of small lingering concerns... things that just
now occurred to me.  These relate to dynamic DNS, which I've never actually
used before myself, but which I nonetheless have a sort of vague conceptual
understanding of.

As I understand it, you get yourself your own private FQDN, which is
assigned to you by whatever dynamic DNS provider you choose.  And then,
each time your machine gets itself a fresh new DHCP lease, it needs to
send that address, in some manner, to the DDNS provider which will then
update the relevant A record based on your new dynamic IP.  Is that a
fair summary?

Assuming so, I have two questions about this...

Well, make that one question.  (I just answered my own first question,
which was "Yeabut, what if my whole local network is actually behind my
ASUS SOHO WiFi router and what if it is my router itself that is, in
the first instance, getting the DHCP lease?"  Apparently, some ASUS
router models, including mine, fortunately, have an in-built DDNS client,
and that in-built DDNS client can, allegedly, work with both ASUS's own
free DDNS service and also, allegedly, with the one provided by noip.com...
and possibly also others for all I know.  So, no problem here!  This will
work.)

So, here is my only other question:

Assuming the setup, as discussed here so far, where I'll have a Postfix
instance running on a cloud VM, and where that Postfix instance will have
an appropriate set of entries in transport_maps to cause that Postfix
instance to try to send all mail it has received for my domains on to:

    smtp:my-dynamic-fqdn

What happens in this scenario when and if there is a power failure that
takes down my whole network, including my router?

Let's say that the dynamic IP that I *was* using, just before the
power fail, was a.b.c.d.  The question is:  While I am wandering around
with my flashlight in the dark, what if some other customer of my ISP
happens to request a DHCP lease and also happens to get a.b.c.d ... which
is possible, because after all, *I* am not using that specific IP address
anymore, so it will have been returned to the DHCP free pool.

In this scenario, could that other party who got a.b.c.d, dynamically,
turn on a mail server and begin sucking down *my* emails from *my* cloud
VM Postfix instance?

I guess that another way of asking this might be:  Does DDNS have any sort
of "keep alive" signal that, if it goes dark suddenly, will result in
revocation of the relevant DDNS name-to-address mapping?

I know.  I know.  I should probably be asking about these DDNS details
someplace else.  And I probably shall.  But since all you folks here
already know exactly what I'm trying to do, and why, and how, it's just
easier to start here.

If what I have described is in fact a plausible and serious potential
security issue, then I guess that rather than using plain old SMTP to
move messages from my VM Postfix to my home Postfix, maybe I should
instead be looking for some alternative transport protocol that verifies
that the receiving node is actually one that *I* own and control... yes?

Does any such thing exist?


Regards,
rfg
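
The stale-address concern raised in this message is what Postfix's per-destination TLS policy addresses: the cloud VM can be told to deliver to the home next hop only when the peer presents one specific certificate. The fragment below is an added example, not part of the original message or thread; `example.org`, the `/etc/postfix/*` paths, the `hash:` map type and the fingerprint value are placeholders or assumptions.

```conf
# Added example; not from the original message. Constructed placeholders:
# example.org (one of "my domains"), the /etc/postfix/* paths, the hash: map
# type, and the fingerprint value.

# --- /etc/postfix/transport on the cloud VM (setup described in the message) ---
example.org    smtp:my-dynamic-fqdn

# --- /etc/postfix/main.cf on the cloud VM ---
transport_maps = hash:/etc/postfix/transport

# Weak: opportunistic TLS encrypts when the peer offers STARTTLS but never
# authenticates it, so mail goes to whichever host answers on the address
# the DDNS name currently resolves to.
#smtp_tls_security_level = may

# Hardened: per-destination policy with SHA-256 certificate fingerprints.
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_fingerprint_digest = sha256

# --- /etc/postfix/tls_policy on the cloud VM ---
# The lookup key is the next hop exactly as written in the transport table.
# The value is the output of:
#   openssl x509 -noout -fingerprint -sha256 -in home-cert.pem
my-dynamic-fqdn    fingerprint match=<SHA256-FINGERPRINT-OF-HOME-SERVER-CERT>

# After editing:
#   postmap /etc/postfix/transport /etc/postfix/tls_policy
#   postfix reload
```

The home Postfix has to offer STARTTLS with that certificate; a self-signed one is sufficient at the `fingerprint` level. If a different host is holding the address, the fingerprint does not match (or STARTTLS is not offered) and the VM defers the mail in its queue instead of delivering it.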
