joe a skrev den 2023-01-06 18:35:
On 1/6/2023 12:15 PM, Kevin A. McGrail wrote:
My interpretation is thus:

You have a firewall with a public IP and an private IP

You have a box with email behind that firewall.

When it talks to the world, it should do helo <fqdn> that maps back to your Firewall's public IP not to a private RFC1918 address.

Regards,KAM

Make sense to me.

So I guess my real question is, how do I cause spamassassin to make
it's query in that fashion?  Since the wiki stated it in a way that
suggests it is a spamassassin feature, I presume to ask here and not
look at the firewall or elsewhere.

KAM is always right firewall :=)

why do you ask for spamassassin configs then ?

if your spamassassin is on rfc1918 ip, then move your local dns server to wan ip on the firewall, then allow query from rfc 1918 on the dns server, listen-on 192.168.1.1 as and example, do list all ips "ip addr show" on the firewall and add all non routeble ips from this list

ps dont bind the wan ip

if you can then use pdns-recursor, with nearly have all good defaults for all needed to be up and running safely

#powerdns Recursor 4.8.0 | Authoritative Server 4.7.3 | dnsdist 1.7.3

if you like to play :=)

bind is not that stable for me sadly, so using other problems to solve what bind dont do well

Reply via email to