Date: Mon, 16 Jul 2007 15:05:56 +0800 From: "Daniel Marsh" <jahilliya@gmail.com> To: "Olivier Nicole" <on@cs.ait.ac.th> Cc: freebsd-questions@freebsd.org Subject: Re: Transparent email proxy Message-ID: <ba5e78ea0707160005g56b56defybb6c1111c9853032@mail.gmail.com> In-Reply-To: <200707160549.l6G5nFCP002529@banyan.cs.ait.ac.th> References: <200707130730.l6D7U6v9086226@banyan.cs.ait.ac.th> <47E045D4-44AB-44B8-A358-59ECA482CF81@goldmark.org> <200707160549.l6G5nFCP002529@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
On 7/16/07, Olivier Nicole <on@cs.ait.ac.th> wrote: > > Hi, > > > With the firewall, it is easy to make the use of the outgoing mail > > hub compulsory. Is there some reason beyond that that you want to do > > things transparently? > > Yes, I should have been a bit more specific. As university department, > we receive a number of visitors, when they have been in the plane for > 24 hours, they usually want to check their email: each time we have to > inform them that they can only send through our mail gateway, and they > have to temporarily change their setting for the duration fo their > visit, and remember to change back when they left: that is annoying > (and I am not always around to tell them why they cannot send their > email). > > That is why I am thinking about transparent redirection. > > Best regards, > We've setup transparent outgoing mail proxying using ASSP, PF and Postfix. Basically any traffic that has a destination port of 25 on the Internet is sent through our mail proxy, and onwards to the destination mail servers. Main reason for this is simplicity. I've never come across anyone using TLS+SMTP, in most cases I've found that SMTP is accepted as insecure (esp. over the Internet). If we were talking intra-company SMTP over the Internet, different story altogether due to the company needing privacy.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ba5e78ea0707160005g56b56defybb6c1111c9853032>