Mailing List SIMS@mail.stalker.com Message #15209
From: chris <cb@mythtech.net>
Subject: Re: Use Verizon Solely for Send?
Date: Tue, 9 May 2006 16:17:07 -0400
To: SIMS Discussions <SIMS@mail.stalker.com>
X-Mailer: Claris Emailer 2.0v3, January 22, 1998
>Well, yes, but I want to put a total of 5 computers (2 servers and 3  
>client machines) on the DSL modem, and they're all sharing one public  
>IP address. So wouldn't I have to put in a DHCP router on the user  
>side of the DSL modem? That would give 192.168.0.X LAN addresses to  
>each of the servers and computers. I don't understand how to set up a  
>DHCP router such that both "foobar1.com" and "foobar2.com" share the  
>same external IP address, and HTTP (port 80) calls to foobar1.com are  
>segregated from calls to foobar2.com and routed to the appropriate  
>server. If there's a way to do it, I'd love to know.

You can drop the client machines out of the equation as those won't be
receiving external connections.

So you are really only looking at 2 servers behind the router. Verizon
ships a router with their DSL these days, and that router allows for port
forwarding (and if you are going to do port forwarding, you probably want
to set static IPs on the internal machines... although I believe the
current model router Verizon ships will support port forwarding to
dynamic IPs).

However, that will only let you forward all traffic for a particular port
to one inside IP. This is fine if your two servers are a web server and a
mail server and you have no overlapping port usage. But if the two
servers will overlap with their port usage, then the Verizon router won't
help you. You can install a more intelligent router, or you can rethink
your setup (such as do you need two different web servers or can you just
combine both domains onto a single server and let the web server software
deal with directing the domain to the correct directory on the server...
Apache does this nicely).

You can do the same with your SIMS setup. One server handling multiple
domains. That would let you avoid having overlapping port usage, which
means you could do simple port forwarding at the router that Verizon
supplies.

>I spoke to the Verizon Sales Drone today and she stated unequivocally  
>that static IP blocks are not available in my area. I was talking  
>about Business-class service, so I was surprised ... I continue to be  
>unimpressed with Verizon's "technology."

Yes, Static IPs are something that is only available in certain areas.
Until about a year ago, they were not available in my area.

>I guess that's the core of my concern. If Verizon doesn't block port  
>110 traffic then I can go through Verizon to get to my mailservers  
>and pull down mail going back to my clients.

They block nothing on the outbound direction, and only block 80 on the
inbound direction. So if your client machines are using Verizon, there
will be nothing you can't connect to.

>Sure, it'll be slow  
>(IDSL, 128K), but that's OK since (any more) email isn't real-time; a  
>four-minute delay in getting mail is not a big crisis.

You could connect both DSL services to the same internal network, and
with some better routing setups, you could get your clients to connect to
the servers over the internal network, thus skipping the slow speed
bottleneck of having to send everything out to the internet and then back
in. But this is a little more complicated, and if the speed really isn't
an issue for you, then I wouldn't worry about it.

>I am planning on sending via the Verizon servers, with my reply-to  
>and from addresses clearly identifying that the reply address is my  
>own SIMS server.

You don't have to send via the Verizon servers... they don't block port
25 access. You can still send out via your own servers if you wish to do
so.

Also, Verizon does not (at least not last time I checked) compare the
Mail From to the account that authenticated. So there is no reason to put
the Verizon info into any part of your mail setup other than the SMTP
server and the SMTP Authentication username/password (which you said you
are using Mail, and that allows you to use totally different SMTP
settings than the account uses for everything else). So there won't be a
"reply-to" issue, as all your headers, shy of tracing the actual server
connections, will claim to be coming from your own mail server.

-chris
<http://www.mythtech.net>
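
The reply above notes that the router can forward a port to only one inside IP, and that one web server can sort out the domains itself. The sketch below shows how that works: the client names the site in the HTTP Host header. It is an added example, not part of the original message and not Apache's code; the document roots and the catch-all default are assumed values.

```python
# Added illustration: name-based virtual host selection behind one forwarded port.
# The paths in VHOSTS and DEFAULT_ROOT are assumed values, not from the message.
VHOSTS = {
    "foobar1.com": "/srv/www/foobar1",
    "foobar2.com": "/srv/www/foobar2",
}
DEFAULT_ROOT = "/srv/www/default"  # catch-all so unknown names never reach a real site


def host_from_request(raw: bytes):
    """Return the normalized Host value, or None if absent or ambiguous."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = []
    for line in head.split("\r\n")[1:]:           # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            hosts.append(value.strip())
    if len(hosts) != 1:                           # missing or duplicated Host header
        return None
    host = hosts[0].lower()                       # host names are case-insensitive
    if host.startswith("["):                      # IPv6 literal, not a site name
        return None
    host = host.rsplit(":", 1)[0] if ":" in host else host  # drop ":port"
    return host.rstrip(".") or None               # "foobar1.com." == "foobar1.com"


def select_docroot(raw: bytes) -> str:
    """Pick a document root from the Host header; anything unclear gets the default."""
    host = host_from_request(raw)
    if host is None:
        return DEFAULT_ROOT
    return VHOSTS.get(host, DEFAULT_ROOT)


# Constructed sample requests: same public IP, same port, different Host headers.
REQ_SITE1 = b"GET / HTTP/1.1\r\nHost: foobar1.com\r\n\r\n"
REQ_SITE2 = b"GET / HTTP/1.1\r\nhost: FooBar2.com:80\r\n\r\n"
REQ_UNKNOWN = b"GET / HTTP/1.1\r\nHost: 203.0.113.7\r\n\r\n"
REQ_NO_HOST = b"GET / HTTP/1.0\r\n\r\n"
REQ_TWO_HOSTS = b"GET / HTTP/1.1\r\nHost: foobar1.com\r\nHost: foobar2.com\r\n\r\n"

if __name__ == "__main__":
    for req in (REQ_SITE1, REQ_SITE2, REQ_UNKNOWN, REQ_NO_HOST, REQ_TWO_HOSTS):
        print(select_docroot(req))
```

Requests that arrive by bare IP address, with no Host header, or with two conflicting Host headers all land on the default root rather than on either customer site.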
