• 0 Posts
  • 12 Comments
Joined 1 year ago
cake
Cake day: June 10th, 2023

help-circle


  • So to be clear, you want traffic coming out of your VPS to have a source address that is your home IP?

    let’s go back to fundamentals and assume for a second that your VPS provider allows these packets out and your VPS initiates a TCP connection like that. It sends a TCP SYN with source: home address and dest: remote.

    The packet gets routed to the remote. The remote accepts and responds SYN/ACK with source: remote and dest: home address.

    Where do you think this packet will get routed? When it gets there, do you think the receiving server (and NAT gateways in between) will accept this random SYN/ACK that doesn’t appear to have a corresponding outgoing packets sent first? If so, how?



  • Not really. Your VPS’s public IP is not yours to change, for obvious reasons, and it’s unlikely that your hosting provider will let you send packets from your VPS using a source address that is incorrect. if they let you, then any replies to those packets will evidently get routed to the actual IP, ie your home IP. If you really want to forward SMTP to your VPS (which has less chance of being on a Blocklist by virtue of not being a residential IP), I suggest declaring your VPS as your SMTP sender in SPF, instead of declaring your home IP and trying to make that work with the VPS IP. The VPS can then be configured as an SMTP relay (this is a key feature of SMTP) to your home instance, or you could forward all traffic on the appropriate ports at the TCP level, but I don’t advise doing this.

    I hope you understand that if what you’re asking was possible, I could rent a VPS, spoof your IP and receive traffic meant for your IP without any issues. For the same reasons, I think the other commenter mentioning x-forwarded-for headers is wrong if you’re not using DKIM (and even then it’s iffy). Otherwise I could just write a payload with mailto: whatever, from:you@yourdomain and x-forwarded-for: your home IP and pass SPF checks without having control over your IP.

    if you’re still confused about SMTP feel free to ask more questions


  • It exists, but it’s generally really small shops that I wouldn’t feel comfortable recommending.

    The bigger hosting providers are fine with the status quo, because it means their support tickets are from people who at least know something about anything rather than complete noobies who need help resetting their password (not that there’s anything wrong with that, it’s just higher volume and not what hetzner staff is trained on)





  • It should work just fine. the proxmox just sets up a bridge to the virtual interface when you install it and after that, VMs you deploy will appear in to everything else on the network as if connected through a switch.

    However, watch out about it your routing tables. If the pihole isn’t on the same network (regardless of if it is virtualized or not), you have to tell other computers on the network how to reach that other network, by making changes to their routing table, or the one in your router (that is literally its job, after all).



  • Revolt is a matrix-compliant client and server combo. It’s easier to deploy than synapse+element but obviously you miss out on some fringe features. There’s also the issue that a lot of the hard parts of setting up a matrix server are due to the video part.

    Since OP wants video chat and screen share first and foremost, and since revolt and matrix both use jitsi for this, OP can use straight up jitsi and set up matrix/revolt later.