[Mimedefang] DNS and MX records
Jeff Rife
mimedefang at nabs.net
Sun May 14 16:17:46 EDT 2006
On 14 May 2006 at 13:10, Ben Kamen wrote:
> Not really. I have multiple machines with multiple services being a single public IP. The trick is to
> make sure the ports are different. I use a Netscreen 5XP and it handles this method (port based mapping)
> as well as a full IP to IP mapping just fine.
If you are limited to a single public IP, you can't do much with the
DNS tricks mentioned. Every access to your public IP at port 25 (for
example) has to be routed to the same machine behind the firewall,
since the firewall can't know what DNS name the packet was originally
destined for. So, you can't separate things like "A" and "MX".
You *could* pull some tricks with port 80 if the firewall looked at
host header names in the request packets, but I don't know of any that
do this, since every web server has this capability.
--
Jeff Rife |
| http://www.nabs.net/Cartoons/Dilbert/TechBigot.gif
More information about the MIMEDefang
mailing list