Archived from groups: microsoft.public.win2000.dns (
More info?)
In news:5dde95d2.0408051610.47d67ca8@posting.google.com,
Randy Henson <rhenson@cellxion.com> wrote their comments
Then Kevin replied below:
> forgive me if I seem confused, but with the date/time
> stamp problem mentioned earlier, it looks like you guys
> have responded do my questions before I even see my own
> post.
>
> Setting them up with no gateway I can do. seems that I
> did that before and there was a problem getting to the
> mail server, but that will be another post!
That is why I recommended using a bogus proxy, it still allows OE or Outlook
to access mail servers. If you use web base email you can even set the web
mail name in the bypass proxy list. e.g. *.hotmail.com;*.msn.com in the
bypass proxy list will allow users to get to their hotmail account.
>
> So is it OK that my clients can get out to the net from
> my internal dns server?
That is your decision, there is no technical reason to not allow your DNS to
resolve external names unless it is already over burdened with internal
queries.
I was under the impression that
> there was a way to keep them from going out via the
> internal, and would need to enable forwarders to go out.
> If they can get out via the internal, doesn't that negate
> the need for forwarders???
You enable a forwarder to offload some of the queries to the external DNS
server so it can improve DNS performance. Not enabling the forwarder will
not prevent DNS from resolving names if it can still use its root hints. One
sure fire way to prevent your internal DNS from resolving external names is
to disable recursion on the Advanced tab. That won't prevent determined
users from getting internet access if they want by just putting another DNS
server in TCP/IP properties.
--
Best regards,
Kevin D4 Dad Goodknecht Sr. [MVP]
Hope This Helps
================================================
--
When responding to posts, please "Reply to Group"
via your newsreader so that others may learn and
benefit from your issue, to respond directly to
me remove the nospam. from my email address.
================================================
http://www.lonestaramerica.com/
================================================
Use Outlook Express?... Get OE_Quotefix:
It will strip signature out and more
http://home.in.tum.de/~jain/software/oe-quotefix/
================================================
Keep a back up of your OE settings and folders
with OEBackup:
http://www.oehelp.com/OEBackup/Default.aspx
================================================