On Sun, Feb 8, 2009 at 3:05 PM, Victor Duchovni <victor.ducho...@morganstanley.com> wrote: > On Sun, Feb 08, 2009 at 02:55:28PM +0800, jan gestre wrote: > >> Where is the best place to put the DNS caching resolver? in the NAT >> device? or in the Mail Server itself? > > What kind of NAT device is this? Is it capable of running a non-forwarding > DNS cache? If the cache in question has sufficiently good port > randomization, by all means run on the NAT device, otherwise run it > on the Postfix server, and hope the NAT device port selection is not > too predictable. >
It's a lightweight FreeBSD based firewall called "pfSense", it also has an installable TinyDNS package.
