On Sun, 24 Jun 2018 08:24:03 +0000, Jan Panteltje wrote:
> Indeed,
> before I hosted my website with godaddy,
> I had the name server running here too (bind), and sendmail.
>
I think unbound may be a bit easier to set up than bind - there's an
O'Reilly book about bind and I was very glad to have a copy.
As for sendmail - personally I wouldn't touch it with a bargepole.
Postfix is very stable and a lot easier to configure. It has a good
website, a helpful mailing list and a sensible, though large, set of
configuration parameters that, unlike the sendmail configuration, are easy
to read and understand. I have Postfix running on all my computers except
the RPi, with my one 24/7 system acting as master - the others only use
Postfix to send logwatch reports, etc. to the master, which also runs
Dovecot as its local delivery agent.
> That is a bit more difficult to configure.
> I think the new nameservers use some encryption protocol?
>
You're thinking of DNSSEC, which is meant to prevent DNS MITM and
spoofing attacks, but isn't needed on a private LAN. All that matters is
that your local DNS is running in recursive mode and is configured to
pass requests it can't answer to your ISP's nameservers, Google, etc.
That's the recursive part.
Don't configure it as a forwarding nameserver, especially if you're
running anything like SpamAssassin. It uses the DNS protocol to talk to
DNSBL (blacklist) and DNSWL (whitelist) servers which have query limits.
If you run your DNS as a forwarder your queries get aggregated with those
from everybody else who forwards to the same nameserver and are probably
blocked as a result. DNSBLs and DNSWLs usually have a query limit
suitable for personal and small business use and require a subscription
if your use exceeds the free limit.
> It is on the todo list, if US imposes more trade tariffs towards Europe,
> then I will sanction back by moving the domain registration to for
> example Panama and run the whole thing including nameserver here again,
> on raspberries.
>
Don't forget that your domain name host can be totally separate from your
mail and webhosts. Mine is: I configure my domain name account so it
redirects both mail and web requests to whoever is providing my mail
delivery and webhosting services - usually my ISP. This means that I can
switch ISP and webhost with minimal effort and without needing to tell
anybody else about the switch.
--
Martin | martin at
Gregorie | gregorie dot org
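
Added example, not part of the original post: a Python sketch of how a DNSBL lookup name is built (RFC 5782 layout) and how a mail filter can tell a refused lookup apart from a real listing, which is the failure the post describes for shared forwarders. The zone `dnsbl.example`, the sample answers and the function names are constructed; the 127.255.255.x refusal codes follow the convention Spamhaus documents and are an assumption for other lists. It makes no network queries.

```python
import ipaddress

# Refusal answers in 127.255.255.0/24: the convention Spamhaus documents.
# Other lists may use different values (assumption for this example).
ERROR_CODES = {
    "127.255.255.252": "zone name mistyped",
    "127.255.255.254": "query arrived via a public/shared resolver",
    "127.255.255.255": "query limit exceeded",
}
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_qname(ip, zone):
    """Build the DNS name used to look up `ip` in the list `zone`."""
    # reverse_pointer yields reversed octets (IPv4) or nibbles (IPv6)
    # followed by a two-label suffix (in-addr.arpa / ip6.arpa); drop it.
    reversed_part = ipaddress.ip_address(ip).reverse_pointer.rsplit(".", 2)[0]
    return f"{reversed_part}.{zone.strip('.')}"


def classify(answers):
    """Interpret the A records of a DNSBL lookup.

    `answers` is a list of address strings; an empty list means NXDOMAIN.
    """
    if not answers:
        return ("not_listed", None)
    for addr in answers:
        if addr in ERROR_CODES:
            # The list refused to answer: this is neither a hit nor a miss.
            return ("lookup_refused", ERROR_CODES[addr])
    for addr in answers:
        if ipaddress.ip_address(addr) in LOOPBACK:
            return ("listed", addr)
    # Anything outside 127/8 is not a valid DNSBL answer (e.g. a resolver
    # that rewrites NXDOMAIN), so it must not count as a listing.
    return ("unexpected", answers[0])


if __name__ == "__main__":
    # Constructed sample: one client address and three possible replies.
    print(dnsbl_qname("192.0.2.99", "dnsbl.example"))
    for reply in ([], ["127.0.0.2"], ["127.255.255.254"]):
        print(reply, "->", classify(reply))
```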