Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 5 Aug 1997 09:39:28 -0700 (MST)
From:      Terry Lambert <terry@lambert.org>
To:        karl@Mcs.Net (Karl Denninger)
Cc:        terry@lambert.org, Studded@dal.net, lists@tar.com, freebsd-current@FreeBSD.ORG
Subject:   Re: Moving to a more current BIND
Message-ID:  <199708051639.JAA06341@phaeton.artisoft.com>
In-Reply-To: <19970804205548.33780@Jupiter.Mcs.Net> from "Karl Denninger" at Aug 4, 97 08:55:48 pm
next in thread | previous in thread | raw e-mail | index | archive | help 
> > I can live with my secondary MX queueing up mail.
> > 
> > I can *not* live with my mail being refused for the lack of a
> > correctly named account at the primary MX's IP address.
> 
> You're already stuck with that due to caching behavior.

My primary MX is on the other side of a firewall.

Outside deliveries to my primary MX all fail.  They are delivered
to a gateway machine -- my secondary MX.

The secondary MX can get through the firewall, and flushes it's queue
with relative rapidity, since it is also a CC:Mail gateway and is
configured for protected trans-firewall delivery.

The secondary MX contains the DNS records for the target of the
CNAME, and is the primary for the domain in which it is located.

As far as DNS is concerned, a machine is available as a secondary,
and is looked up through the firewall machine, which knows the
target by multiple "alias" addresses.

As far as SMTP is concerened, the primary mail exchanger is offline
for all external mail, and transiently online from the point of view
of the secondary.

Thus everything "just works", and I do not have to fear stale cache
data, per your allegation.

Plus, I don not have the BS problems other people on this list who
live behind firewalls suffer from (misconfigurations on their part,
IMO).


The one fly in the ointment is that I can not SPAM filter without
receiving the SPAM from my secondary, first.  This is a small price
to pay, and everyone who gets used as a relay for SPAM to me gets an
offer of gratis help to secure their machine from use as a relay, so
SPAMing *me* is a losing proposition anyway.


					Regards,
					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199708051639.JAA06341>