[Freedombox-discuss] email recommendations?

Matthias-Christian Ott ott at mirix.org
Sat Feb 26 01:50:19 UTC 2011


On Fri, Feb 25, 2011 at 09:46:26PM -0000, Keith wrote:
> On Fri, 25 Feb 2011 20:59:25 -0000, Lorenzo <lorenzo at usucapio.net> wrote:
> 
> >An alternative solution would be to buy a VPN service from a
> >provider and get a static IP, then make sure that the box is
> >always connected to the vpn.
> 
> 
> Something like I'm doing with a vps (in California) connected to my
> PC (in the UK) with vpn.
> This email is being sent this way. Also a web server on my PC using
> a dynamic ipv4 IP. This can be accessed through a
> static IP without using dynamic DNS. I've also accessed the web
> server with ipv6.

The biggest problem with dynamic IP adresses is not reachability, it's
blacklists and RDNS mismatches. You can update DNS records dynamically,
e.g. via nsupdate, and set a low TTL (though not all caching resolvers
will honor low TTLs), but some servers use questionable blacklists
to block dynamic IP address ranges, because they think no valueable
e-mails except spam generated by botnets originate form these address
ranges, or check that the RDNS RRs match the EHLO hostname. Some years
ago I tried to run a server from an IP address range which was on such a
blacklist, often e-mail got reject because of a RDNS mismatch and
sometimes because of a blacklist.

What you have to do is to update the MX record of your domain to the
RDNS hostname of your IP address and send e-mails which get rejected due
to the IP address through a relay with a fixed IP address (you have to
manually maintain a whitelist on your server), e.g. provided by our ISP
or a friend.

I hope this will get better with IPv6 (it can't get worse) and hopefully
ISPs will allocate static subnets to their subscribers and allow to set
their own DNS servers for RDNS. Most tunnel brokers do this these days.

Regards,
Matthias-Christian



More information about the Freedombox-discuss mailing list