From: Craig Sanders (castaz.net.au)
Date: Tue Sep 04 2001 - 18:05:23 CDT


    On Tue, Sep 04, 2001 at 06:11:36PM +0200, Pyuesh Daya wrote:
    > When a client gets connected, they connect to etrn server, the
    > transport file is updated automatically with another process to add
    > their dial-up address to the transport file. It then issues an etrn
    > domain.name via an expect script on the etrn server.
    >
    > The problem I am having is that the mailq is somehow caching the
    > previous ip address and tries to spool to the old ip address although
    > the transport file has been changed, re-hashed. Also, the clients
    > have an idle-timeout of about 45->60 seconds. In this time they
    > already disconnect and do not receive the mail at that time.

    SMTP delivery to mail servers with dynamic IP addresses is inherently
    unreliable.

    if you can't assign the user a static IP address, then your best bet is
    to convince them to use the right tool for the job - i.e. uucp. uucp was
    designed for this job. it works.

    failing that, you could try something like the following (but it will
    STILL be unreliable):

    1. run "postfix reload" whenever the transport map is updated. this
    could harm postfix performance quite badly. if you've got lots of
    dynamic IP etrn clients logging in several times/day each you probably
    don't want to do this. if it's not many and not often, then it should be
    OK.

    2. set up some form of dynamic dns for these clients. use a subdomain
    like dynamic.your-domain.com, then edit the transport map to point to
    the relevant host in that subdomain.

    e.g. for customerA, use customerA.dynamic.your-domain.com

    in this case, the transport map is mostly static, set it once per
    customer and then leave it alone. it doesn't need to be updated every
    time they log in.

    the tricky part is to have the dns updated whenever they log in. you'll
    either need to patch your radius server so that it runs an external
    script whenever a user logs in, or write a perl File::Tail script which
    monitors your radius detail logs.

    in either case, the script should update the A record for
    "customerA.dynamic.your-domain.com", giving it a short TTL (5 or 10
    seconds).

    note that this requires your radius server to log the IP address in the
    Start record. if your NAS boxes are cisco, this means you need to use
    "aaa accounting delay-start". alternatively, if you know the port number
    you could query the NAS to find out what IP address had been assigned.

    is this starting to sound flaky and fragile? you're right, it probably
    is.

    uucp is the right tool for this job. you will never get SMTP delivery to
    dynamic addresses working 100% reliably.

    craig

    -- 
    craig sanders <castaz.net.au>
    

    Fabricati Diem, PVNC. -- motto of the Ankh-Morpork City Watch
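
The log-watching step described in the message above, as an added example that is not part of the original post: it turns RADIUS accounting Start records into `nsupdate` commands for the per-customer A record. The detail-log layout, the sample records and the function names are assumptions made for illustration; because User-Name is supplied by the dial-up client, it is accepted only as a single DNS label before it is placed in an update command.

```python
import ipaddress
import re

ZONE = "dynamic.your-domain.com"  # subdomain suggested in the message
TTL = 10                          # short TTL (the message says 5 or 10 seconds)
LABEL = re.compile(r"[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?")
ATTR = re.compile(r'\s+([A-Za-z0-9-]+)\s*=\s*"?([^"]*)"?\s*')

# Constructed sample in the common RADIUS "detail" layout (assumed format).
SAMPLE = """Tue Sep  4 18:01:12 2001
    User-Name = "customerA"
    Acct-Status-Type = Start
    Framed-IP-Address = 198.51.100.23

Tue Sep  4 18:01:40 2001
    User-Name = "customerB"
    Acct-Status-Type = Start

Tue Sep  4 18:02:03 2001
    User-Name = "x 10 A 203.0.113.9"
    Acct-Status-Type = Start
    Framed-IP-Address = 198.51.100.24
"""

def parse_records(text):
    """Yield one attribute dict per blank-line-separated record."""
    for block in re.split(r"\n[ \t]*\n", text):
        hits = (ATTR.fullmatch(line) for line in block.splitlines())
        rec = {m.group(1): m.group(2).strip() for m in hits if m}
        if rec:
            yield rec

def nsupdate_for(rec):
    """nsupdate commands for one Start record, or None if it is unusable."""
    user = rec.get("User-Name", "").lower()
    # User-Name comes from the dial-up client: accept a single DNS label only.
    if rec.get("Acct-Status-Type") != "Start" or not LABEL.fullmatch(user):
        return None
    try:
        ip = ipaddress.IPv4Address(rec.get("Framed-IP-Address", ""))
    except ValueError:  # absent (no delay-start on the NAS) or malformed
        return None
    fqdn = f"{user}.{ZONE}."
    return [f"update delete {fqdn} A", f"update add {fqdn} {TTL} A {ip}", "send"]

def updates(text):
    """All nsupdate batches for the usable Start records in a detail log."""
    return [b for b in map(nsupdate_for, parse_records(text)) if b]
```

Each returned batch is meant to be written to `nsupdate` on standard input; the second sample record is skipped because it carries no Framed-IP-Address, which is the case the "aaa accounting delay-start" remark addresses.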