Ralph Angenendt wrote:
Feizhou wrote:
Kanwar Ranbir Sandhu wrote:
Lately I've been thinking about moving Dovecot (for IMAP) into the
internal network - I'd rather not store my mail on the CentOS 4 host in
the DMZ.
Why?
Because you don't want to have sensitive data in the demilitarized zone?
I know that I don't want to.
Well, if the mails are sensitive data then maybe he should consider
having them all encrypted then rather than letting them flow around the
Internet in plain text.
2. If the answer to 1 is no, what's the best way to get mail from the
SMTP server in the DMZ to an IMAP server in the internal network?
Here's what I've briefly considered:
DMZ Postfix+SpamAssassin -> Internal Postfix+Dovecot
DMZ Postfix+SpamAssassin -> Internal Fetchmail+Dovecot
The first one. Pinch a hole in your firewall which *only* allows smtp
from that *one* host to the internal host.
Yeah, if he does not have to serve his mails outside the office that
should suffice.
3. Any tutorials for this out there, or even articles, etc., discussing
using Postfix as a gateway? So far, I haven't found any that I've
liked.
Look at the relaydomains and the transports tables from postfix. Make
sure that your domain isn't in $mydestinations. Make sure that your
domain gets relayed (and transported) to the internal mailserver.
I guess you are also going to teach him how to reject mails to
non-existent users at the smtp level and not become an outscatter host.
It is a little bit involved. But first answer the question of why you
want to move before we explore this.
I wonder why that should be necessary - it's his decision, and I can
really understand, why he's making it.
I am glad that you can read his mind and learn about his environment.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
