Re: Acceptance of domain literals

From: Jim Seymour (no email)
Date: Sat Jan 03 2004 - 09:28:34 EST

• Next message: fago: "Re: bounce mail for unknown users"
• Previous message: cami: "Re: CRLF Was: Postfix with entourage"
• Maybe in reply to: Dean Strik: "Re: Acceptance of domain literals"
• Next in thread: Greg A. Woods: "Re: Acceptance of domain literals"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

"Greg A. Woods" <> wrote:
>
> [ On Friday, January 2, 2004 at 17:57:48 (-0500), Jim Seymour wrote: ]
> > Subject: Re: Acceptance of domain literals
> >
> > "Greg A. Woods" <> wrote:
> > >
> > > Personally I would never ever even dream of running a mail server behind
> > > a NAT. This is far from the only problem you'll encounter.
> >
> > What other problems is one likely to encounter?
>
> It depends somewhat on exactly what NAT implementation you're using, but
> typically many of the low level protocol error handling mechanisms
> either get trashed beyond recognition by a NAT, or don't work at all, so
> error handling at the connection level will be broken with the result
> that any number of strange symptoms will appear and be almost impossible
> to diagnose (especially by anyone who might think running a server
> behind a NAT is an OK think to do :-).

That would be a broken NAT implementation, no?

>
> Many other common errors can be masked, hidden, transformed, or
> otherwise butchered by a NAT too, depending on what else has to pass
> through the thing (e.g. DNS).

Same as above, no?

>
> The only time you really have to run a mail server behind a NAT is
> almost always a scenario where you're not supposed to, or at least not
> expected to, be running any servers in the first place.

I'm glad you qualified that with "almost." ;). My DSL provider, for
example, ships NAT routers with their product. It is business class
DSL only. (SDSL, IDSL, ADSL) They assign static IP address(es). No
dynamic IP address assignments. Not only are customers *allowed* to
run services, it's expected they (probably) will.

> Either that or
> you're dealing with such a confused and ignorant firewall administrator
> that NAT issues are going to be the least of your troubles.

Well, I don't *think* I'm confused. Tho I will admit to ignorance in
some things. Yes, I readily acknowledge I simply don't know it all
;).

-- 
Jim Seymour                | Spammers sue anti-spammers:
       |     http://www.LinxNet.com/misc/spam/slapp.php
http://jimsun.LinxNet.com  | Please donate to the SpamCon Legal Fund:
                           |     http://www.spamcon.org/legalfund/

• Next message: fago: "Re: bounce mail for unknown users"
• Previous message: cami: "Re: CRLF Was: Postfix with entourage"
• Maybe in reply to: Dean Strik: "Re: Acceptance of domain literals"
• Next in thread: Greg A. Woods: "Re: Acceptance of domain literals"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]