Jump to content
Sign in to follow this  
Schneibster

NAT and receiving hostnames

Recommended Posts

I report spam from two addresses, and they are both behind NAT firewalls. When I set up in the Mailhosts application, it groks my internal hostnames, which are simply the internal hostname.internal.mydomain.com. This hostname cannot be looked up on the open 'Net, for security reasons- not to mention I am using the internal IP addresses for them both, 192.168.x.x, so it wouldn't do any good to look it up anyway, and even if you could, the NAT wouldn't pass it.

The NAT, of course, turns it into the real IP address of the NAT firewall's Internet connection. Mailhost does correctly grok those real IP addresses.

On edit: Just for clarity, my firewall is a NAT only, with port triggering/port forwarding. It does not do SPI, nor does it change anything but the port and IP address in the IP header.

Is this correct? Will this work properly?

Thanks! :D

-Da Schneib

Edited by Schneibster

Share this post


Link to post
Share on other sites

I've no idea what these new entries will do fir the database, but .. looking at things from a different perspective ... the parser should never try to generate a report about an IP od 192.168.x.x, so the results of a parse should be focused on the levels long before your internal network shows up. What results are you seeing from a parse at the present time?

Share this post


Link to post
Share on other sites
I've no idea what these new entries will do fir the database, but .. looking at things from a different perspective ... the parser should never try to generate a report about an IP od 192.168.x.x, so the results of a parse should be focused on the levels long before your internal network shows up.  What results are you seeing from a parse at the present time?

21225[/snapback]

Looks fine, for one of them- I haven't received any spam on the other.

Were you clear on why I have it set up this way, and on how the DNS setup works with it? If you have any questions, I'll be happy to answer them.

I'm assuming at this point that you pick up on the IP address of the Internet connection.

Share this post


Link to post
Share on other sites

Am I clear? Who knows? Went with the apparent description that you're running an e-mail server within your local network. Noted your posting address, which has its own interesting charcteristics, giggled a bit about your "security issues" .. and simply pointed out the obvious. With a non-routable IP address, the parser would either handle things OK or barf up over the 'impossible configuration' scenario. If there are any issues, you'd need to follow the trail identified in the Pinned items here and talk to one of the Deputies anyway <g>

Share this post


Link to post
Share on other sites
Looks fine, for one of them- I haven't received any spam on the other.

Were you clear on why I have it set up this way, and on how the DNS setup works with it? If you have any questions, I'll be happy to answer them.

I'm assuming at this point that you pick up on the IP address of the Internet connection.

21228[/snapback]

The best way to tell if there is a problem is for you to parse a spam (or any email for that matter) for each of your entries and then to send me the tracking url -- you can cancel reports. Or you can post the tracking urls here if you would like.

Share this post


Link to post
Share on other sites
The best way to tell if there is a problem is for you to parse a spam (or any email for that matter) for each of your entries and then to send me the tracking url -- you can cancel reports. Or you can post the tracking urls here if you would like.

21239[/snapback]

So far, so good- but I still have yet to receive any spam on one of them. You're too efficient. :D

Share this post


Link to post
Share on other sites

As Ellen mentioned, you don't need to wait for a spam. Send yourself a message from another system and see if the parser gets it right. Just make sure to cancel the parse rather than report it.

Share this post


Link to post
Share on other sites
As Ellen mentioned, you don't need to wait for a spam.  Send yourself a message from another system and see if the parser gets it right.  Just make sure to cancel the parse rather than report it.

21248[/snapback]

Works fine. Thanks!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×