tarballed
December 19th, 2003, 17:17
Hello everyone and Happy Holidays!
Well, I thought i'd start a thread here about a setup im working on (still workign on the LDAP setup...almost done).
As it stands right now, I have a Mail gateway on our company DMZ running FreeBSD 4.9, postfix-2.0.16 and mailscanner. Working like a champ right now.
We also have a internal mail server that is running Red Hat 8.0, with postfix-2.0.14 and courier-imap 2.2.1. Working pretty good as well.
What i'd like to do is setup webmail here, so anyone can access their email no matter where they are. I've been checking out SQWebmail, squirrelmail and horde, but haven't decided which one im going to use yet.
However, my main question is in the network layout and design of this setup. Since our actual mail server is on a private part of our network, i've been trying to figure out the best, more secure way to setup webmail.
I've figured at a minimum cyrus-sasl is needed so I can setup smtp auth, so only valid users can send mail through my mail server, no matter where they connect from.
But where im really in a bind is, designing this, from a firewall rule setup. For instance, since the mail server is isolated from the internet, it really cannot be accessed unless you are on our LAN.
With that in mind, what are my alternatives? Do I setup some type of custom filter on my firewall to allow access to my mail server? Or do I setup something on our DMZ? Maybe setup a relay server of some sort?
I thought i'd post here and get some additional ideas here, so I can begin working on this once i've finished my PDC/LDAP server.
Thanks everyone and Happy Holidays!
Tarballed
Well, I thought i'd start a thread here about a setup im working on (still workign on the LDAP setup...almost done).
As it stands right now, I have a Mail gateway on our company DMZ running FreeBSD 4.9, postfix-2.0.16 and mailscanner. Working like a champ right now.
We also have a internal mail server that is running Red Hat 8.0, with postfix-2.0.14 and courier-imap 2.2.1. Working pretty good as well.
What i'd like to do is setup webmail here, so anyone can access their email no matter where they are. I've been checking out SQWebmail, squirrelmail and horde, but haven't decided which one im going to use yet.
However, my main question is in the network layout and design of this setup. Since our actual mail server is on a private part of our network, i've been trying to figure out the best, more secure way to setup webmail.
I've figured at a minimum cyrus-sasl is needed so I can setup smtp auth, so only valid users can send mail through my mail server, no matter where they connect from.
But where im really in a bind is, designing this, from a firewall rule setup. For instance, since the mail server is isolated from the internet, it really cannot be accessed unless you are on our LAN.
With that in mind, what are my alternatives? Do I setup some type of custom filter on my firewall to allow access to my mail server? Or do I setup something on our DMZ? Maybe setup a relay server of some sort?
I thought i'd post here and get some additional ideas here, so I can begin working on this once i've finished my PDC/LDAP server.
Thanks everyone and Happy Holidays!
Tarballed