Server/mail/naming setup theory

Bill Mullen moon at lunarhub.com
Tue Apr 13 18:03:00 EDT 2004


On Tue, 13 Apr 2004, Derek Doucette wrote:

> Alright, this is big and confusing to me, so if you get lost, feel free
> to yell at me, or even better, get feedback on what you understand and
> I'll try to explain better if need be.

Hmmm, can I yell at you about the lack of pre-send word wrap in your mail 
client? C'mon, I really wanna ... ;)

> So here's my situation, I am running a small web/mail server for
> basically my personal needs. I recently got a new job with an ISP and
> found out that my mail was blocked from here and I could not hit the web
> page. This turned out to be due to dns issues. The original domain name
> was with dyndns. I found that I could hit the site by IP, and I had to
> change ports due to my provider blocking port 80.

Can we assume that port 25 is not blocked? It sounds like it isn't from 
what you say below, but I like to be certain on points like this one.

> To make all of this a bit easier for me, I decided to buy a domain name,
> and set up web forwarding through zone edit. This has worked well so
> far, but I still haven't set up my e-mail yet. So I can get to my web
> page, and most people can send me e-mail, but I still get some bouncing
> back or timing out, due to the DNS lookups. I am looking into getting
> off of the old domain name, but not sure the best way to do so. My
> /etc/hosts file is getting bigger and more complicated with many
> aliases.

ZoneEdit was a good choice, IMHO; I use them myself.
 
> So here are some things I'm wondering, and feel free to add in things I
> have overlooked...
> 
> 
>     * How should I set up postfix. For now I would want to receive for
> both old (me.dyndns.org) to the new host (www.me.org) I know that there
> are locations to mess with such as $myhost $mydomain, but I'm still new
> to configuring postfix.

First thing to set is $myhostname. This does not have to agree with the
name that you've given the box in your networking setup; it is the name
that Postfix will refer to itself by in communication with other systems.
The important consideration here is that this name must resolve back to
your external IP address at any given moment, so that receiving systems
can verify that you are who you say that you are, and so that sending
systems can locate you and know that they've found the right system.

If you are lucky, your ISP will provide you with a static hostname, even
though you have a dynamic IP address; on my ISP, the hostname returned
from a reverse lookup ("host <current_IP_address>") is based on the MAC
address of my NIC, and therefore remains the same throughout the changes
in my IP address. If that's also the case for you, set $myhostname to that
name, as it makes everything else a *lot* easier; if not, create an A
record at ZoneEdit called "mail.me.org", give it your current IP address,
and then set in your server's /etc/postfix/main.cf file:

myhostname = mail.me.org

Either way, set $mydomain to be the domain in use on your local LAN, 
which I will assume is the domain that you purchased:

mydomain = me.org

The $myorigin setting will set the domain added to mail without one:

myorigin = $mydomain

>     * Is host forwarding an issue? Right now I have www.me.org resolving
> to the zone edit servers and then forwarding to ww2.me.org:8080, which
> is my firewall, which forwards to my server. Can I set up mail to go to
> the domain, or will it need to point to a host? (me at me.org vs.
> me at mail.me.org)

Set your $mydestination setting to accept mail for both domains:

mydestination = $myhostname, localhost.$mydomain, mail.$mydomain,
    $mydomain, other.domain.org

If you have set $myhostname to "mail.me.org", mail.$mydomain will be 
redundant and can be removed from that list.

With this setting, both versions of the email address above will work, 
even though you'll probably only routinely use "me at me.org".

>     * How does mail resolve? Right now mail from me at me.dyndns.org times
> out from work, but me at me.org gets through fine, so the IP range is not
> blocked. I believe if I can set up mail to resolve to the domain, then
> the dns lookup will be ok.

Do you mean "mail to", and not "mail from", in the above? If not, I'm a 
bit unclear on what you're reporting here.

You set up an MX record at ZoneEdit for the entire domain, to point to an
A record that contains the IP address of your firewall. If you have a
static external hostname, you set it to that; if not, you set it to the A
record you created above ("mail.me.org"). The MX record *must* point to an
A record, and not to a CNAME record, even though the latter might seem to
be more convenient.

mail.me.org (or external name) | accepts mail 1st for | me.org

>     * If I need to change my e-mail to a host.me.org format, would it be
> worth it to set up dns on my home network? I get my internet IP
> dynamically, and all my internal hosts (5) except for my server are
> dynamic. So if this is the case, I would also be very grateful for some
> pointers on that.

No need; just put "mail.me.org" into each of the other systems' /etc/hosts
files as one of the names by which your server is known, and point all of
your mail clients to that address, so that they all use your mail server
to send, rather than any local SMTP server (and have them use name at me.org
for the sender). Assuming that you are using 192.168.0.x addresses on your
LAN, set $mynetworks in the server's main.cf as follows:

mynetworks = 192.168.0.0/24, 127.0.0.0/8

If you have a static external hostname, you should be pretty much all set 
at this point. If not, then you're faced with having to keep the A record 
at ZoneEdit updated when your IP address changes. There are a number of 
mechanisms by which one can accomplish this, but we'll need to know more 
about your firewall system(/device) to know which one will work best.

HTH!

-- 
Bill Mullen   moon at lunarhub.com   MA, USA   RLU #270075   MDK 8.1 & 9.0
"In communities where men build ships for their own sons to fish or
fight from, quality is never a problem." -- J. A. Dever
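
Added example (not part of the original message or of Postfix itself): a small offline checker for the setup described above. It reads main.cf text, expands the $name references, and tests the points the reply makes: $myhostname resolves to the external IP, the MX target has an A record rather than only a CNAME, the domain is in $mydestination, and $mynetworks lists only local ranges. The zone dictionary, the 192.0.2.10 address and all function names are assumptions made for illustration; only IPv4 and the simple $name form are handled.

```python
import ipaddress
import re

# Constructed sample: main.cf values from the message; 192.0.2.10 is a placeholder IP.
MAIN_CF = """\
myhostname = mail.me.org
mydomain = me.org
mydestination = $myhostname, localhost.$mydomain, mail.$mydomain,
    $mydomain, other.domain.org
mynetworks = 192.168.0.0/24, 127.0.0.0/8
"""
ZONE = {("me.org", "MX"): "mail.me.org", ("mail.me.org", "A"): "192.0.2.10"}
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_main_cf(text):
    """Parse name = value lines; a line starting with whitespace continues the previous one."""
    params, last = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and last:
            params[last] += " " + line.strip()
        else:
            last, _, value = (part.strip() for part in line.partition("="))
            params[last] = value
    return params

def expand(params, name):
    """Return a parameter's value as a list, with $other references substituted."""
    value = params.get(name, "")
    for _ in range(10):  # bounded, so a self-referencing value cannot loop forever
        value = re.sub(r"\$(\w+)", lambda m: params.get(m.group(1), ""), value)
    return [v for v in re.split(r"[,\s]+", value) if v]

def check(params, zone, external_ip):
    """Return a list of problems; an empty list means the checks pass."""
    problems = []
    host, domain = expand(params, "myhostname")[0], expand(params, "mydomain")[0]
    if zone.get((host, "A")) != external_ip:
        problems.append(f"{host} has no A record for {external_ip}")
    mx = zone.get((domain, "MX"))
    if mx is None or (mx, "A") not in zone:
        problems.append(f"MX for {domain} must point to a name with an A record")
    if domain not in expand(params, "mydestination"):
        problems.append(f"{domain} is not in mydestination")
    for net in expand(params, "mynetworks"):
        if not any(ipaddress.ip_network(net).subnet_of(n) for n in LOCAL_NETS):
            problems.append(f"mynetworks entry {net} is not a local range")
    return problems
```

Calling check(parse_main_cf(MAIN_CF), ZONE, "192.0.2.10") returns an empty list for the sample; a mydestination continuation line that starts in column 0 is read as a separate parameter and shows up as the domain missing from mydestination.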



More information about the gnhlug-discuss mailing list