setting up a local outbound mailserver at home for dialup

Joseph Mack NA3T jmack at wm7d.net
Thu Nov 20 21:06:30 EST 2003


On Thu, 20 Nov 2003, Joseph Moran wrote:

>
> On Thu, 20 Nov 2003, Joseph Mack NA3T wrote:
>
> > if I use
> >
> > $ mail
> >
> > and send something by hand, I get the reverse DNS error at the target
> > machine, meaning that it bypassed the ISPs username/passwd step.
>
> Interesting.

this was all from memory.

just did these tests, all sending mail from my router on my dial-up setup
to this machine on the internet (where I'm sending this reply from).
In this order from a newly dialed up machine.

mail_client  relay_machine     result

`mail`       none              works (target receives mail)
`netscape`   mail.myisp.com    works (requires passwd)
`netscape`   outside machine   fails "not member of target's domain"
                               (assume message from outside machine)
`netscape`   home client       fails "relaying denied"
                               (assume message from home client)



> Most stock implementations of 'mail' have no idea about
> using another MTA as a relay, they just attempt a direct TCP connection to
> port 25 of the host that claims to receive your recipient's mail.  In this
> situation, it sounds like 'mail' succeeds in the connection (so your new
> ISP isn't blocking outbound sessions to port 25), but the receiving host
> is telling your 'mail' to piss off because your (public/external) IP
> address doesn't resolve.

I didn't have all the data when I mailed you earlier.

`mail` gets through, presumably because ppp0 on my router is reverse
DNSable (dialup-xxx.myisp.com)

> Many ISPs provide reverse DNS for their PPP address pools, but many
> don't.  I guess yours doesn't.  You could always try pointing out this
> deficiency to them -- it's not hard to fix if they put their minds to
> it.
>
> You're able to send mail out by relaying through your ISP's MTA.  That's
> probably what your ISP would prefer you do.  Are you able to send mail in
> this manner -before- you run into this HTTP login window?  You'll probably
> have to use a non-Web mail client to test this.

the `mail` case shows that I can send mail without the ISP's
authentication straight after dialup

> Pine is easy enough to use for this sort of testing, and it can be told
> to use an SMTP gateway.

didn't know you could tell pine to do this.

> Setting up an SMTP server on your own gateway won't get around the reverse
> DNS issue on its own.

with the new info, it might be OK

> You could do it provided you had your SMTP server relay through your
> ISP's MTA (if you do this, you'll need to tell your mail client to use
> your own SMTP server as the MTA instead of your ISP's).

this IS what I wanted to do. I don't want to change the mail setup for
my internal machines when I use a different ISP. I can have my ppp-up
script handle the reconfiguration of my router for each different ISP.

> I'm not sure the added complexity is warranted here.

it helps if you have a lot of machines inside.

> Kind of funny that your IP address doesn't resolve, but your ISP's MTA
> accepts mail from it.

I gave you bad data.

Presumably early on I got the two different failures and just remembered
that the mail didn't go through but not that they were different cases.
I then got confused with the HTTP authentication from my ISP.

It appears then that the problem is that my MTA on the router is not set up
to relay. Presumably when I fix that, I'm done (but not tonight, have to
get up early).

Thanks for your suggested tree of tests this afternoon.

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
mailto:jmack at wm7d.net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
It's GNU/Linux!
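
Added example, not part of the original message: a sketch of the ppp-up reconfiguration discussed above, which points the router's MTA at the current ISP's relay while accepting relayed mail only from loopback and the home LAN, so the router does not become an open relay. It assumes the router's MTA is Postfix (the thread does not name the MTA); the LAN range, the ISP tags and the second relay name are constructed.

```shell
#!/bin/sh
# Assumption: Postfix on the router. pppd runs its ip-up script with the
# "ipparam" option value as the sixth argument; it is used here as an ISP tag.
LAN_NET="192.168.1.0/24"    # constructed: the internal network allowed to relay

# Map an ISP tag to that ISP's outbound relay.
smarthost_for() {
    case "$1" in
        myisp)    echo "mail.myisp.com" ;;          # relay name from the thread
        otherisp) echo "smtp.otherisp.example" ;;   # constructed second ISP
        *)        return 1 ;;
    esac
}

# Emit the two settings that matter: where to relay out, and who may relay in.
# [host] tells Postfix to skip the MX lookup and use the named relay directly.
relay_settings() {
    host=$(smarthost_for "$1") || return 1
    printf 'relayhost = [%s]\n' "$host"
    printf 'mynetworks = 127.0.0.0/8 %s\n' "$LAN_NET"
}

# Apply the settings. DRY_RUN defaults to 1 so the commands are only printed.
# If the ISP relay demands a password, SASL client settings are needed as well
# (not shown here).
apply_settings() {
    settings=$(relay_settings "$1") || { echo "unknown ISP tag: $1" >&2; return 1; }
    echo "$settings" | while IFS= read -r line; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "postconf -e '$line'"
        else
            postconf -e "$line"
        fi
    done
    [ "${DRY_RUN:-1}" = 1 ] || postfix reload
}

# Called from the ip-up script: act only when pppd supplied an ISP tag.
if [ -n "${6:-}" ]; then
    apply_settings "$6"
fi
```

With this in place the internal machines keep the router as their SMTP server regardless of which ISP is dialed, and the "relaying denied" row in the table above goes away only for clients inside the configured LAN range.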

