Re: Mail Traffic

From: Bruce Ferrell <bferrell_at_baywinds.org>
Date: Tue, 12 Oct 2021 16:10:58 UTC

On 10/12/21 8:01 AM, Tim Daneliuk via questions wrote:
>> On Tue, Oct 12, 2021 at 08:04:54AM +0200, Silvio Siefke wrote:
>>> Hello,
>>>
>>> I have a VPS as a web host which has port 25 blocked by the ISP. Is there
>>> a chance to route the traffic over the VPN network?
>>>
>>> My mail server had the internal IP 192.168.0.109. I tried it with the hosts
>>> file but it will not work.
>>>
>>> Is there a chance to make it with pf?
>>
> No.  192.168.0.x is non-routable by definition.  The only way around
> this would be to have your perimeter firewall punch through stuff
> from the outside coming in on port 25 to your VPS instance.   This
> is almost certainly not going to happen.
>
> A better way is to find a free/cheap external mail provider that will
> host mail for your domain.   I believe namecheap.com will do it for $10 US/year
> if you use them as your domain registrar.  You can then use automation on
> your FreeBSD box to poll the upstream server and pull in the inbound mail
> on a regular cadence.
>
>
I use pfSense with openvpn.

The remote links all carry 192.168.xx.xx addresses.

My internal network, behind my firewall, carries 192.0.2.x (old SunOS test network... still not routable, but not one of the usual RFC networks.  Developers lose their minds over this).

I use devices behind remote firewalls that carry 10.x.x.x and VPN back to my openvpn gateway.

Those devices ARE reachable via the VPN link and my 192.0.2.x network is reachable from them via the VPN link (192.168.xx.xx VPN link endpoint).

So to say that the RFC networks are absolutely unroutable is slightly not accurate.

Manually placing a route for an "unroutable" network is perfectly possible, if a bit odd.  It's actually done all the time for commercial VPN networks (Pulse Secure, Cisco, etc.).