Re: DNS project... maybe...
From: DNSgeek (dnsgeek_at_locals.com)
Date: Tue, 04 Nov 2003 08:39:03 -0500
Thank you so much for the info... I have learned that
/etc/mail/mailertable is where I can tell my internal mail server to
distribute the emails inside my private LAN... However, we're losing
track of what I'm after...
I'm after being able to resolve for www.foo.dyndns.org, or
ftp.foo.dyndns.org, or irc.foo.dyndns.org... notice the www, ftp, irc...
If I were to attempt to connect to either of these machines from the
outside (from work, for example) into my LAN... I know that
foo.dyndns.org resolves... and lastly, I want my internal LAN to resolve
for the 'ftp', 'www', 'irc', etc...
That's where I can't resolve... maybe the fact that I am using private
IP's internally.... but I know that logically it shouldn't matter...
I don't need to tell the world of DNS that I have private IP's... all I
need is for any request to the left of 'foo.dyndns.org' be resolved
internally with some kind of local, authoritative zone DNS server.
Once again, thanks for the help! :-)
On Tue, 04 Nov 2003 01:39:39 -0500, Eric wrote:
> To set up a mial server you dont need to install a DNS server, that is
> already done for you by dyndns,org
> Technically you need a mx record but it will work without it. You can
> set up a DNS server to be used by your local network only (caching dns)
> but to set up a public DNS server in order to have people on the
> internet resolve names using your server you will need two (different)
> public IP's (1 each) for 2 DNS servers , a primary and a secondary. You
> will have to set them up on the WAN side of your local network, not
> behind the router or whatever cuz they need to be directly accesible. At
> least thats the way it weas explained to me, I wanted to do the same
> If you set up your own mail server, I recommend Postfix and BE SURE to
> set it up so unauthorized people cant relay mail or your ISP will
> eventually shut you down totally, for good probably. Also, enbale
> reverse lookups so incomming mail has to verify the IP against the Helo
> strong. doing so will eliminate almost ALL of your spam. ie HELO none
> will be rejected, hello yahoo.com will be accepted IF (and only if) the
> incomming mail server IP matches back to yahoo.com. If the major ISPs
> would do this 99% of the spam out there would be blocked, why? because
> spammers never want you to know who they are or where the mail actually
> originates from so they lie in the HELO contact. Thats my 2 cents worth