Date: Tue, 19 Aug 1997 12:25:11 -0500 From: Prashant Dongre <pdongre@opentech.stpn.soft.net> To: Jerry Kelley <jerryk@iquest.net> Cc: sthaug@nethelp.no, freebsd-questions@FreeBSD.ORG Subject: Re: sendmail on a firewall box Message-ID: <33F9D6F7.50250F02@opentech.stpn.soft.net> References: <33F7C9E9.167EB0E7@iquest.net> <3599.871884758@verdi.nethelp.no> <33F85122.41C67EA6@iquest.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Jerry Kelley wrote: > sthaug@nethelp.no wrote: > > > > > > > > I just want one box that provides the services to my small LAN. I want > > > that box to be the mail host for my company and also provide a > > > firewall/proxy service. > > > > Sounds like you should buy a Whistle Interjet :-) (www.whistle.com) > > Yeah, well, the ISP's around here haven't even heard of the Interjet. > Besides, it's not that economical. I can build a FreeBSD box and > configure > it for much less money! > > > > > Anyway, given sendmail past history I'd feel very uncomfortable with > > sendmail in any sort of security-related function. Why don't you look > > at qmail (www.qmail.org) instead? This was written with security in > > mind. > > Thanks for the tip. I'll look into it. It's interesting how some will > say that it's OK to run sendmail on the firewall box and others will > cringe at it! > > > > > I hope by "Internet access point" you don't mean for users to actually > > login to the firewall box? This is generally considered a bad idea. > > No. The box will be dedicated to providing Interjet-like services for > my LAN. It will not be used by any users other than the administrator > for administration. I am doing the same thing what you are planning to do (for last two years...). But I have made a little change, I have my firewall on on FreeBSD box and mail on other FreeBSD box. The Firewall FreeBSD double-up as my secondary mail server as well as HTTP proxy server. On all these boxes the login shells have been disabled and users access only thru POP server. I am quite happy with this setup and keep my other FreeBSD box as hot stand-by if in case the mail router/Firewall crashes. I need to look at 'Whistle' though, let me know if you find that interesting. Prashant.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?33F9D6F7.50250F02>