Re: Port forwarding on a NAT firewall

To: debian-user@lists.debian.org
Subject: Re: Port forwarding on a NAT firewall
From: "Monique Y. Mudama" <spam@bounceswoosh.org>
Date: Fri, 2 Jul 2004 13:12:05 -0600
Message-id: <[🔎] slrncebcs5.dot.spam@home.bounceswoosh.org>
Mail-followup-to: debian-user@lists.debian.org
References: <[🔎] 4102.82.70.62.110.1088772238.squirrel@webmail.pulsesol.com>

On 2004-07-02, Antony penned:
> Hi all,
>
> If I have a router running iptables with NAT for a private IP network,
> there are two options if I want to have a public email server on the
> private network...  1) Set up an email server on the router that
> relays all mail to the private server.2) Port forward (DNAT) port 25
> to the private server.
>
> I don't like port forwarding, as it's always seemed like a kind of
> bodge, but (2) is quicker and easier to setup.  Does (2) have any
> practical negative implications from a security point of view, and
> does anyone have any general views on which solution is better?  A

I've been using (2) for quite a while now ... except with a hardware
router rather than iptables.  I can't think of any big negatives; it
seems like setting up two email servers just introduce two places to
possibly screw up the configuration and drop mail.

-- 
monique

Reply to:

References:
- Port forwarding on a NAT firewall
  - From: "Antony" <antony@antgel.co.uk>

Prev by Date: Re: moving an installed Debian system onto RAID-1
Next by Date: X won't start until mouse moved
Previous by thread: Re: Port forwarding on a NAT firewall
Next by thread: keyboard (console?) problem
Index(es):
- Date
- Thread