On Fri, Nov 27, 2009 at 03:42:56PM -0500, Roman Gelfand wrote:
> On Fri, Nov 27, 2009 at 1:48 PM, Stan Hoeppner <s...@hardwarefreak.com> wrote:
> > Ralf Hildebrandt put forth on 11/27/2009 6:20 AM:
> >
> >> Then it of course needs a publich IP addresses
> >
> > Or, at least, a public IP NAT/PAT'd to it by your firewall. It will
> > also obviously need PTR, A, and MX records.
> >
> > Also, this may be helpful:
> >
> > http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall
> >
>
> I am at a loss here. This article seems to say that it is possible, I
> mean in the way it was designed to run, to run postfix in NATed
> network. In this case, is there still a reason why I would want to
> run postfix on public ip machine?
I am equally at a loss, and could turn the question back at you: is
there any reason why I would want to run Postfix behind NAT?
Perhaps there are different assumptions about NAT and its place in
our world. For me, it's always ugly, but sometimes a necessity to
work around the scarcity of IP addresses. For you it seems to be
desirable as an end in itself.
By all means, if you gain a benefit from having your Postfix behind
NAT, run it behind NAT. Do note that a few more non-default settings
are needed, but indeed as you observed, not a big deal. Also note
that routers vary, and some, like the Cisco PIX, are proxying your
SMTP traffic, not doing NAT. Consult your router documentation and
vendor for support, and then Postfix documentation for workarounds
should they prove necessary.
--
Offlist mail to this address is discarded unless
"/dev/rob0" or "not-spam" is in Subject: header
