On Sat, 15 Apr 2000, Shawn T. Rutledge wrote:
> On Sat, Apr 15, 2000 at 08:17:28PM +0200, ron jochems wrote:
> > Can the 'nslookup' program be used without DNS running ? Can he retrieve
> > names without DNS running ?
>
> No.
> >
> > So no real nameserver is running as expected, but if i red your mail
> > correctly, it may be possible to query names with nslookup although DNS
> > isn't running....
> > I want to stress out that i really don't want to use DNS, because it is
> > complicating things more as needed.
>
> Why? I used to put off setting up named, but it's kindof useful.
> So far it has seemed worthwhile to me. The only sense in which I
> worry about it is that the packet system ends up being too dependent
> on the Internet... if the connection goes down then some packet
> stuff stops working, and that makes it a lousy backup to the Internet.
> Ideally hams should be capable of providing emergency services with
> no dependencies on other systems that may or may not work.
One option is to have bind setup to be a slave zone for the ampr.org
domain, that way if connectivity to the internet goes down, at least if
anything, dns lookups for ampr.org hostnames will still work in your neck
of the woods.
> Yes sendmail is picky about DNS, for spam-prevention. The pickier it
> is, the harder it is for a spammer to spoof. So to me it's easier to just
> bite the bullet and have a proper DNS server working than to figure out
> how to disable these features in sendmail and make it less secure at
> the same time... my system's a gateway, the same sendmail handles both
> packet SMTP traffic and internet traffic, so I need it to be as secure
> as any other Internet mail server.
What I do is on my systems is allow mail to be relayed from any 44.0.0.0/8
address. I don't know if sendmail supports this, but I do know that
postfix does. Now all I need to do is hack LZW support into postfix, and
I'll be happy :).
Aaron
