Re: nat

To: Nathan <smurf@netutah.com>, Kevin <cog@iwz.com>
Cc: debian-isp@lists.debian.org
Subject: Re: nat
From: Russell Coker <russell@coker.com.au>
Date: Sun, 8 Oct 2000 14:52:57 +0200
Message-id: <0010081452570L.00584@lyta>
Reply-to: Russell Coker <russell@coker.com.au>
In-reply-to: <Pine.LNX.4.21.0010062354010.5560-100000@ice.netutah.com>
References: <Pine.LNX.4.21.0010062354010.5560-100000@ice.netutah.com>

On Sat, 07 Oct 2000, Nathan wrote:
>It's a pain in the ass to maintain an ability to track users sending spam
>from your dialups and through your server if you don't have each user
>authenticate and the connections all apear to hit the mail server from the
>firewall.
>
>That's what vetoed ours for a long time.
>
>Then we just got a few more class C's ;)  NAT is a pluss for security, a
>minus for latency and a minus for accountability for who does what outside
>th firewall.

Why not redirect the port 25 connections to port 25 on your mail relay?  Then 
your logs will show who sent what (it will contain the private IPs).  Also 
you prevent your customers from accessing open relays on the net.

-- 
http://www.coker.com.au/bonnie++/     Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/       Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/     My home page

Reply to:

Follow-Ups:
- Re[2]: nat
  - From: Kevin <cog@iwz.com>

References:
- Re: nat
  - From: Nathan <smurf@netutah.com>

Prev by Date: Re[2]: nat
Next by Date: Re[2]: nat
Previous by thread: Re: nat
Next by thread: Re[2]: nat
Index(es):
- Date
- Thread