[25759] in Athena Bugs
Re: linux [9.2.27]: from, mailquota, etc. form behind a NAT
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Jul 1 15:52:55 2004
From: Greg Hudson <ghudson@mit.edu>
To: Jonathon Weiss <jweiss@mit.edu>
In-Reply-To: <200407011939.i61JdoV2008751@distraction.mit.edu>
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Message-Id: <1088711548.24763.177.camel@egyptian-gods.mit.edu>
Mime-Version: 1.0
Date: Thu, 01 Jul 2004 15:52:28 -0400
cc: bugs@mit.edu
Errors-To: bugs-bounces@mit.edu
On Thu, 2004-07-01 at 15:39, Jonathon Weiss wrote:
> distraction:~: from -v -h PO10.MIT.EDU
> from: Premature end-of-file on IMAP connection to PO10.MIT.EDU
> Exit 1
I think what's going on here is that the IMAP connection is using
krb_mk_safe(), and because of the NAT gateway the direction bit gets
screwed up.
Other IMAP clients might work if (a) the NAT gateway isn't managing to
reverse the address direction relative to the server; (b) they don't
negotiate a security layer (true of Pine and Evolution, I believe); or
(c) they use SSL instead of krb4.
We could add command-line options to our mail commands to suppress
negotiation of a security layer, perhaps.
(Ironically, if the PO servers supported krb5, it would fix this
problem, because Athena gets addressless tickets, if I remember right.
But the PO servers don't support krb5, as I understand it, because it
would break the class of behind-NAT users who happen to be winning with
krb4 but would lose with krb5 because they're getting addressful
tickets.)
