Mail Server in the DMZ question

• Previous message: Richard Coleman: "Re: Multi-User Security"
• Next in thread: Brian Keefer: "Re: Mail Server in the DMZ question"
• Reply: Brian Keefer: "Re: Mail Server in the DMZ question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: freebsd-security@freebsd.org
Date: Mon, 17 May 2004 16:39:08 -0700

Been trying to puzzle through a firewall layout here involving E-Mail. Would
have thought this was a more common kind of scenario, but I haven't been able
to Google me up an answer to this one.

At present I have an SMTP server (Postfix) in my DMZ that is simply re-routing
mail into my secure network. This is a less than optimal setup simply due to
having to allow traffic from the DMZ into my secure network without a
proceeding request for that data.

I want to have all the mail held on the server in the DMZ, then have it be
pulled into the secure network for all my users by some means.

Originally I thought I could just setup a multi-drop box, pull in the mail
with Fetchmail, then have it delivered to my internal server for processing.
Seems that there are way too many pitfalls for this setup to reasonably
support all my users.

I then looked into configuring the DMZ server to hold all mail, then release
on an ETRN request. From what I've read on this I'm really no better off, as
I still have to allow port 25 requests into my secure network.

Thanks,

-- 
"In theory, there is no difference between theory and practice.
In practice, there is."
- Yogi Berra
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

• Previous message: Richard Coleman: "Re: Multi-User Security"
• Next in thread: Brian Keefer: "Re: Mail Server in the DMZ question"
• Reply: Brian Keefer: "Re: Mail Server in the DMZ question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]