[EMAIL PROTECTED] Wrote:
> Thanks to all who have given me advice on this
> question. I hope most of
> you will be up at around 2:30am Alaska time as
> this is when I will
> probably run into my errors and questions. 8^) I
> have my O'reilly DNS and
> Bind book and Gregs FreeBSD Handbook plus I can
> use sample configs from my
> own dns server and any other doc I can find. If
> any one else has more
> suggestions I would appreciate any and all. I
> have to try and have this
> setup by Monday morning and will use every
> reference I can find. Thanks
> again, signing up to this list has been a godsend to me.

I've done this many times for clients' internal email.  It's
a way to keep internal mail private when combined with a
firewall.  But you don't need a firewall to have it work.

Use a made up TLD (Top Level Domain).  It won't interfere
with anything in DNS that way. For example,
'hostname.inside' where the TLD is '.inside' or '.intra' for
a local intranet.

Just make sure that the DNS server has no slaves.  You might
set it up on the same box as the mail server for simplicity.
Include some forwarders in named.conf and it will serve
perfectly well for all DNS queries to outside too, with the
bonus that you'll get some saving in outside traffic due to
its' cache.

Set the clients DNS to that server. Create user accounts as
[EMAIL PROTECTED] on the server. That's about it.

You might want to make the point to your class that using
their .inside address as a reply-to will only work when sent
to other .inside email addresses.  If somebody outside
replies, obviously it will bounce.  Understanding this is
useful for people getting a grasp of how it all works at a
conceptual level.  Some people want only keystrokes and
rules. They get terrified when told more (you see blank
glassy-eyed stares), but this isn't difficult stuff.

To call the TLD you make up fake isn't quite right.  In a
network logic sense, it's just as real as any other. The
only difference is that only clients pointed at the DNS
server that contains it will see it.  Out on the larger
Internet there is a structure in place that eventually
points you to appropriate DNS servers for particular
domains.  In this case we're simply using our own little
structure and private domain as a supplement.  This point is
political too.

Dennis Mathiasen
[EMAIL PROTECTED]
--------------------------------------------
Deerfield Hosting - High Performance Hosting
http://DeerfieldHosting.com?ref=sig
--------------------------------------------



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to