Re[2]: nat

To: Russell Coker <russell@coker.com.au>
Cc: debian-isp@lists.debian.org
Subject: Re[2]: nat
From: Kevin <cog@iwz.com>
Date: Sun, 8 Oct 2000 08:57:53 -0700
Message-id: <152329499555.20001008085753@iwz.com>
Reply-to: Kevin <cog@iwz.com>
In-reply-to: <0010081452570L.00584@lyta>
References: <Pine.LNX.4.21.0010062354010.5560-100000@ice.netutah.com> <0010081452570L.00584@lyta>

  Wouldn't that also prevent the users from using legitimate outside
  mail servers?

-- 
Kevin  -  cog@iwz.com


--

> On Sat, 07 Oct 2000, Nathan wrote:
>>It's a pain in the ass to maintain an ability to track users sending spam
>>from your dialups and through your server if you don't have each user
>>authenticate and the connections all apear to hit the mail server from the
>>firewall.
>>
>>That's what vetoed ours for a long time.
>>
>>Then we just got a few more class C's ;)  NAT is a pluss for security, a
>>minus for latency and a minus for accountability for who does what outside
>>th firewall.

> Why not redirect the port 25 connections to port 25 on your mail relay?  Then 
> your logs will show who sent what (it will contain the private IPs).  Also 
> you prevent your customers from accessing open relays on the net.

Reply to:

Follow-Ups:
- Re: Re[2]: nat
  - From: Russell Coker <russell@coker.com.au>

References:
- Re: nat
  - From: Nathan <smurf@netutah.com>
- Re: nat
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: nat
Next by Date: PCI IDE controllers
Previous by thread: Re: nat
Next by thread: Re: Re[2]: nat
Index(es):
- Date
- Thread