Running Home-based mail server, but ISP blocks port 25?

bscott at ntisys.com
Mon Dec 16 22:11:35 EST 2002


On Mon, 16 Dec 2002, at 2:28pm, steveo at syslang.net wrote:
> The only thing I can think of is that your nameserver is capable of 
> performing some sort of port redirection. e.g., I run with RCN which 
> blocks port 80. My nameservice is done via zoneedit.com which provides a 
> service to forward to a different port. So I run apache on port 8080 and 
> http://www2.syslang.net/ and zoneedit forwards 
> http://www.syslang.net/ --> http://www2.syslang.net:8080/
> In the case of RCN, they provide webforwarding but not a generalized port 
> forwarding service.
> 
> The point is that it has to be done at the nameserver level  ...

  Not exactly.  The Internet Domain Name protocol has no facility for port
redirection or forwarding.  In fact, it really does not deal with port
numbers at all.

  Say I type "www.unh.edu" into my browser.  Mozilla invokes the
gethostbyname(3) standard library call.  My DNS resolver queries the DNS for
the A (address) records associated with that name.  Right now, that would be
<132.177.132.99>.  Mozilla then uses the connect(2) system call to make a
connection to that IP address on TCP port 80 (it uses 80 because I did not
specify a port, and 80 is the default).  The port number comes from Mozilla,
not DNS.

  Now, in the case of <http://www.syslang.net>, things get a little
convoluted.  <www.syslang.net> is a CNAME (alias) for <wf.zoneedit.com>.  I
am guessing "wf" stands for "web forwarding".  My DNS resolver would thus
have to look up <wf.zoneedit.com> next.  That returns two A records,
<216.40.201.216> and <64.251.66.3>.  Mozilla picks one and connects to it
on port 80.  Mozilla then sends an HTTP request that will look something
like this

	GET / HTTP/1.1
	Host: www.syslang.net

(it includes a lot of other irrelevant crap, too).  It includes the "Host"  
it was originally told to connect to, because that is part of the HTTP
protocol.  The ZoneEdit web server responds with an HTTP response that looks
like this (again, irrelevant portions have been omitted)

	HTTP/1.1 302 Found
	Location: http://www2.syslang.net:8080/


HTTP result 302 is basically a redirection.  Notice the ":8080" in the URL.  
That is where the port redirection takes place -- it comes from the ZoneEdit
web server, not at the DNS level.

  The reason this is important is that SMTP does not have anything like
HTTP's redirection mechanism, nor does it have a mechanism for specifying
the port number.

  The only thing you can do to redirect SMTP is to do port forwarding at the
TCP level.  Say you're on a cable ISP that is blocking port 25, but gives
you a static IP address.  So, you run your SMTP server on 8025.  Say also
that you had a friend with an extra IP address and a lot of bandwidth to
spare.  Said friend could configure an IP address, and forward any packet
sent to TCP port 25 at that address to TCP port 8025 on your address.  
Configure DNS records such that your domain's mail goes to your friend's IP
address, and ta-da, You've Got Mail.

  The reason this kind of port forwarding service is less common is that it
costs a lot more to operate.  To redirect a web page, you just need to
redirect the initial page request.  To redirect SMTP (or any other arbitrary
TCP port), every single packet sent to the redirected address has to go
through the third-party's bandwidth.

  Hope this helps,

-- 
Ben Scott <bscott at ntisys.com>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or  |
| organization.  All information is provided without warranty of any kind.  |
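
The TCP-level forwarding described in the message above, as an added example that is not part of the original post: a small userspace relay in Python that accepts connections on one address and copies every byte to another, counting the traffic to show why all of it crosses the third party's link. The function names, the loopback addresses, the ephemeral ports and the fake SMTP banner are constructed for the demo; in the scenario from the post the listener would be port 25 on the friend's address and the target port 8025 on the home address.

```python
import contextlib
import socket
from threading import Thread

def pump(src, dst, counter, key):
    """Copy bytes src -> dst until EOF, counting what crosses the relay."""
    with contextlib.suppress(OSError):     # a peer may vanish mid-transfer
        while data := src.recv(4096):
            counter[key] += len(data)      # counted before it is forwarded
            dst.sendall(data)
        dst.shutdown(socket.SHUT_WR)       # pass the EOF on to the other side

def handle(client, target_addr, counter):
    with client, socket.create_connection(target_addr) as upstream:
        t = Thread(target=pump, args=(client, upstream, counter, "to_target"))
        t.start()                          # inherits daemon status from serve()
        pump(upstream, client, counter, "to_client")
        t.join()

def start_forwarder(listen_addr, target_addr):
    counter = {"to_target": 0, "to_client": 0}
    lsock = socket.create_server(listen_addr)
    def serve():
        while True:
            client, _ = lsock.accept()
            Thread(target=handle, args=(client, target_addr, counter)).start()
    Thread(target=serve, daemon=True).start()
    return lsock.getsockname()[1], counter

def demo():
    # Constructed stand-in for the home mail server (port 8025 in the post).
    backend = socket.create_server(("127.0.0.1", 0))
    seen = {}
    def fake_smtp():
        conn, _ = backend.accept()
        with conn:
            conn.sendall(b"220 home.example ESMTP\r\n")
            seen["cmd"] = conn.recv(1024)
            conn.sendall(b"221 bye\r\n")
    Thread(target=fake_smtp, daemon=True).start()
    port, counter = start_forwarder(("127.0.0.1", 0), backend.getsockname())
    with socket.create_connection(("127.0.0.1", port)) as c, c.makefile("rb") as f:
        banner = f.readline()
        c.sendall(b"QUIT\r\n")
        bye = f.readline()
    return banner, bye, seen["cmd"], counter

if __name__ == "__main__":
    print(demo())
```

With a userspace relay like this one, the mail server sees every connection as coming from the relay's address rather than the real sender's, so any IP-based sender checks have to run on the relay host instead.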



