From: (no name) (no email)
Date: Fri Nov 01 2002 - 07:40:49 EST
Zitiere Stefan Engel <>:
>
> Hello,
>
> I am new to setting up a mail server and I try to figure out how to
> setup the following scenario:
>
> - DMZ with postfix as mail proxy
> - LAN with postfix as mail server
>
> This alone seems to be no big problem.
>
> But:
>
> a) DMZ machines must be able to send mail only to internal LAN.
> b) WebMail access should be possible from the outside internet
> for employees working at a customers office and only having
> web access but no mail (other road warriors will be able to
> access their mail using VPN).
>
> I think item a) can be solved using the mail proxy in the DMZ. So
> this should be a configuration issue.
>
> But I don't know how to solve item b). As the mails are all stored
> on the mail server on the internal LAN, how can I provide web
> access to them without allowing the users to directly access the
> internal mail server from the internet. Are there any solutions
> to this problem?
>
> Maybe one solution would be to store all mails per default
> on the DMZ mail server. If a user wants to get his mails from the
> internal LAN or via VPN and thus contacting the internal
> mail server, this mail server triggers the DMZ mail server
> to sent the mails for the corresponding user to the internal
> mail server. Is this possible using postfix? I am not quite happy
> with this solution for security reasons as mails are stored in the
> DMZ for some time (for some employees this could be several weeks).
>
We do it this way :
In the DMZ Postfix mail-relay + Web server (Apache)
Internal Mailserver with Postfix + Cyrus + LDAP user Base
Mailrelay connect to the internal Mailserver with LDAP (checking user at smtpd
level) and with IMAP for Webmail (IMP System).
Works fine here.
Regards
Andreas Hödle
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|