RE: Mail server

From: Hunt, Jim (HuntJ@nwsc.k12.in.us)
Date: 05/10/02


From: "Hunt, Jim" <HuntJ@nwsc.k12.in.us>
To: "'Rob.'" <robert.@here.now>, 'Imraan Kadir' <imraan.kadir@stt-global.com>, security-basics@securityfocus.com
Date: Fri, 10 May 2002 12:29:43 -0500

What about NAT to the DMZ? Overkill when using a Cisco PIX 515?

Jim Hunt
Microsoft Certified Systems Engineer
Northwestern School Corporation

-----Original Message-----
From: Rob. [mailto:robert.@here.now]
Sent: Thursday, May 09, 2002 2:54 AM
To: 'Imraan Kadir'; security-basics@securityfocus.com
Subject: RE: Mail server

 DMZ

Rob.

-----Original Message-----
From: Imraan Kadir [mailto:imraan.kadir@stt-global.com]
Sent: 07 May 2002 14:34
To: security-basics@securityfocus.com
Subject: Mail server

Hi There

Can somebody please shed some light.

Is it safer to place your mailserver in the DMZ or in your LAN (with NAT
configured)?

Thank you

Imraan



Relevant Pages

  • Re: [fw-wiz] DMZ to INSIDE Communication
    ... Chris, you've confused the idea of a real IP vs a NAT IP. ... DMZ and inside networks. ... communication between the DMZ VLAN and the ...
    (Firewall-Wizards)
  • Re: Pix Outside NAT
    ... Does that mean if i have an outside int and a DMZ int both connecting ... dmz it will route to the natted ip's (ie a pool of addresses from the ... DMZ subnet) and then NAT and forward out teh DMZ int? ...
    (comp.dcom.sys.cisco)
  • Re: [fw-wiz] static nat and tcp limits
    ... I have two independent networks. ... Pix probably would not allow it. ... nat 0 access-list nonat_acl ... different IP addresses between your DMZ & inside networks. ...
    (Firewall-Wizards)
  • Re: IP address in header
    ... > to my new gateway server on the internal network. ... > address on the internal network not the NAT in the dmz. ... that your Exchange (or whatever mail server you have) is on an internal ...
    (microsoft.public.win2000.dns)
  • Re: How did they get behind my NAT?
    ... The double NAT setup makes sense, I did not understand that you meant ... A DMZ is a secured network that you use for Public hosts that they don't ... you put your web server in the DMZ network - that would be the LAN ... create filth and put it on the web for any kid to see: ...
    (alt.computer.security)