Setup Internal caching DNS Server

Kenneth Porter shiva at
Sat Nov 12 08:04:18 UTC 2005

--On Saturday, November 12, 2005 5:35 PM +1030 Tim 
<ignored_mailbox at> wrote:

> Though, does that mean that you can't answer DNS queries from the net,
> for outsiders wanting your DNS information?  Or they've made it
> impossible to run your own resolver, so you can resolve names for
> yourself?  They're two entirely different things.
> Many ISPs won't let you run servers, but that doesn't mean you can't run
> a server that isn't accessed from the outside world.

Right, servers on your LAN can still run as clients to the Internet, and 
I've not seen a TOS that bans that.

It's becoming more common to block port 25 outbound, but a sensible ISP 
will unblock it on request, as the people who know to ask are generally not 
the kind who's machines get turned into zombies. Even if they won't unblock 
port 25, you can usually use the submission port (587) to submit mail to 
another ISP. If you run a mail server, you should run an authenticated 
listener on that port to handle your road warriors.

More information about the fedora-list mailing list