SMTP and IMAP Strict Destination Question
-
Hello fellow Netgate community members, can you please help?
I have configured my firewall to do strict destination for mail. It works for everything except Gmail; Gmail changes its IP addresses every couple of minutes. Is there any way I can possibly set unbound to bypass keeping this URL in its DNS resolver cache, or possibly set it to always forward this request upstream to 8.8.8.8 or something?
Currently I have my system set up to work like this. It does work, but at times Google will not download until unbound updates the IP address in the cache.
This works perfectly and secures this port from use of "any destination".
Again, Google changes IP addresses so fast that it sometimes is behind the current address in use.
What I would like to do is set imap.gmail.com and smtp.gmail.com to automatically resolve every time and never save the record.
The other mail servers work perfectly; they can only mail to those URLs, and that is all I need. Google does not seem to like being configured like this.
Any ideas for a custom unbound resolver setting just for gmail?
-
Keep in mind mail servers have been attacked when firewalls have an access control line that allows SMTP and IMAP traffic to any destination. All this does is specifically state you can only use the mail destination servers you use and block unknown ones.
-
I am aware of the resolver interval. Is there a way to bypass one URL?
Example: imap.gmail.com always forward to 8.8.8.8, do not save in firewall DNS nameserver for reuse,
thus every time it gets the new IP address Google has for the mail server. They change so fast the firewall can't keep up, so the mail app at times says error. After 5 mins it will resolve, but that is unacceptable for modern use.