Jump to content

NAT and receiving hostnames


Recommended Posts

Posted

I report spam from two addresses, and they are both behind NAT firewalls. When I set up in the Mailhosts application, it groks my internal hostnames, which are simply the internal hostname.internal.mydomain.com. This hostname cannot be looked up on the open 'Net, for security reasons- not to mention I am using the internal IP addresses for them both, 192.168.x.x, so it wouldn't do any good to look it up anyway, and even if you could, the NAT wouldn't pass it.

The NAT, of course, turns it into the real IP address of the NAT firewall's Internet connection. Mailhost does correctly grok those real IP addresses.

On edit: Just for clarity, my firewall is a NAT only, with port triggering/port forwarding. It does not do SPI, nor does it change anything but the port and IP address in the IP header.

Is this correct? Will this work properly?

Thanks! :D

-Da Schneib

Posted

I've no idea what these new entries will do fir the database, but .. looking at things from a different perspective ... the parser should never try to generate a report about an IP od 192.168.x.x, so the results of a parse should be focused on the levels long before your internal network shows up. What results are you seeing from a parse at the present time?

Posted
I've no idea what these new entries will do fir the database, but .. looking at things from a different perspective ... the parser should never try to generate a report about an IP od 192.168.x.x, so the results of a parse should be focused on the levels long before your internal network shows up.  What results are you seeing from a parse at the present time?

21225[/snapback]

Looks fine, for one of them- I haven't received any spam on the other.

Were you clear on why I have it set up this way, and on how the DNS setup works with it? If you have any questions, I'll be happy to answer them.

I'm assuming at this point that you pick up on the IP address of the Internet connection.

Posted

Am I clear? Who knows? Went with the apparent description that you're running an e-mail server within your local network. Noted your posting address, which has its own interesting charcteristics, giggled a bit about your "security issues" .. and simply pointed out the obvious. With a non-routable IP address, the parser would either handle things OK or barf up over the 'impossible configuration' scenario. If there are any issues, you'd need to follow the trail identified in the Pinned items here and talk to one of the Deputies anyway <g>

Posted
Looks fine, for one of them- I haven't received any spam on the other.

Were you clear on why I have it set up this way, and on how the DNS setup works with it? If you have any questions, I'll be happy to answer them.

I'm assuming at this point that you pick up on the IP address of the Internet connection.

21228[/snapback]

The best way to tell if there is a problem is for you to parse a spam (or any email for that matter) for each of your entries and then to send me the tracking url -- you can cancel reports. Or you can post the tracking urls here if you would like.

Posted
The best way to tell if there is a problem is for you to parse a spam (or any email for that matter) for each of your entries and then to send me the tracking url -- you can cancel reports. Or you can post the tracking urls here if you would like.

21239[/snapback]

So far, so good- but I still have yet to receive any spam on one of them. You're too efficient. :D
Posted

As Ellen mentioned, you don't need to wait for a spam. Send yourself a message from another system and see if the parser gets it right. Just make sure to cancel the parse rather than report it.

Posted
As Ellen mentioned, you don't need to wait for a spam.  Send yourself a message from another system and see if the parser gets it right.  Just make sure to cancel the parse rather than report it.

21248[/snapback]

Works fine. Thanks!

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...