Thanks Eric. I was on that track. My current firewalls block all (non-mail server) outbound SMTP and DNS requests (learned hard way via a virus on my corp network).
I think I know what you are talking about with the SSL and A records. My biggest concern was whether Spamdyke (or other RBL and spam filters) would work properly behind the NAT. Of course, I'm open to other issues I might have as well. Thank you, Patrick M. Ring P. Ring Technologies Louisiana Web Host, LLC. 985-868-4200 -----Original Message----- From: Eric Shubert [mailto:e...@shubes.net] Sent: Friday, August 13, 2010 1:53 PM To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: what are the pitfalls of QM w/ NAT? Patrick Ring wrote: > I have off and on considered running QMT behind a firewall with NAT at > one of my offices and just have the firewall appliance "pinholed" with > what the server needs. > > My main office has plenty of IP's, but my other office only has a > couple available to me, so I'm obviously looking at the idea of using > one IP to communicate with multiple servers. > > Does anybody have any pros vs cons for QMT behind a NAT here? > > Thank you, > Patrick M. Ring > P. Ring Technologies > Louisiana Web Host, LLC. > 985-868-4200 > I don't think running QMT behind a NAT'ing firewall is uncommon. The only concern I would have is the potential of rogue/infected hosts behind the same public address to spew out spam, causing the address to be blacklisted. Configuring the firewall to limit outbound traffic on port 25 to only QMT should take care of that though. Also, having multiple services/hosts on a single (public) IP address complicates SSL a little. Setting up multiple A records/names to the same public address takes care of that though. -- -Eric 'shubes' ------------------------------------------------------------------------ --------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! ------------------------------------------------------------------------ --------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
