First of all i do not think, that legal issues in general should be a major
concern to the m0n0wall developers. Secondly, there's al already "half the
functionality" since you are able to setup a dns name for a given host at a
In my feature request post i mentioned setup problems related to a couple of
guests with inapplicable SMTP settings. Actually the challenge for me goes a
In my setup, the monowall is a firewall shared by 4 companies residing in
the same building. Monowall does traffic shaping on the shared internet
connection and very basic filtering, routing and NAT on 16 IP addresses.
Each company has their own firewall connected to m0n0wall LAN.
Some of my jobs are:
Sharing bandwidth fairly
Make sure that we always have the cheapest ISP
If we change ISP there's a basic challenge: How do i minimize SMTP downtime.
DNAT would be the perfect tool. Also i would estimate that the building has
15 visitors a month, which needs help in order to reconfigure SMTP settings.
Even worse- if we change the settings while they are here - half of them
calls when the have returned home because they need to reenable their old
Politically... If someone chooses to use our network... they have to accept
our network at IT policies.
Søren Vanggaard Jensen
>From: "Chris Bagnall" <m0n0wall at minotaur dot cc>
>To: <m0n0wall at lists dot m0n0 dot ch>
>Subject: RE: [m0n0wall] NAT question: redirect all outgoing SMTP to or own
>Date: Thu, 29 Sep 2005 23:46:20 +0100
>There appear to have been quite a few posts about redirecting SMTP traffic
>to one's own mailserver over the last few days. The technical discussion is
>very interesting, but I fear it does raise a pretty serious privacy issue
>when you start redirecting users' traffic to places it wasn't supposed to
>without them knowing about it.
>There have been plenty of posts by folks wanting to do this, and I'm really
>struggling to understand why at all. Anyone who's sending mail through a
>corporate mailserver is probably using authenticated SMTP, so there's a
>chance they can be accessed from any internet connection anywhere
>there'd be all sorts of problems with home workers unable to send mail and
>the like). Many ISPs these days will quite happily accept authenticated
>on their mailservers, even if they don't officially say it's supported.
>Again, many mailservers will allow a user to relay from anywhere provided
>they've authenticated *somehow*.
>If folks are seriously looking to redirect everything on 25 back to their
>own mailserver, it may be worth checking the legal ramifications of what
>you're doing - especially if you're providing a paid-for service for the
>C.M. Bagnall, Director, Minotaur I.T. Limited
>Tel: (07010) 710715 Mobile: (07811) 332969 Skype: minotaur-uk
>ICQ: 13350579 AIM: MinotaurUK MSN: msn at minotaur dot cc Y!: Minotaur_Chris
>This email is made from 100% recycled electrons
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch