Date: Thu, 22 Oct 1998 20:19:38 +0200 From: Juergen Nickelsen <ni@tellique.de> To: Chad Thunberg <chadth@atvideo.com> Cc: freebsd-security@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: firewall + internal mail server Message-ID: <362F773A.AB9F196B@tellique.de> References: <000501bdfdde$1f5f53b0$ef2376cc@tarn.atvideo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Chad Thunberg wrote: > I am setting up a firewall and enabled natd but have an internal > mail server. Is there a way to still be able to access the internal > mail server from the outside for sending and receiving email? [...] > I would rather not put the mail server outside of the firewall. Sure. What about putting a mail server for incoming mail on the firewall host itself? In a similar setup, I wanted the "real" mail server to be inaccessible from the outside at all, because it contains critical data (e-mail being only part of it). I use the firewall host (running FreeBSD) as the external mail server, but it only forwards the mail to the internal mail server.(*) The firewall also acts as FTP and WWW server, but since the mail resides only for seconds on it, the risk is minimized. The internal mail server is able to go outside through the firewall to deliver mail. (*) Time being a scarce resource, I do this at the moment with an alias entry for each internal mail address on the firewall host ("ni: ni@picasso.tellique.de"), so I didn't have to change the sendmail configuration from the default. As we are just a few people here yet, this is bearable, but for a long-term solution I'll have to work out a sendmail configuration where the mail exchanger for the domain delivers the mail to a non-MX. I am sure there is a simple way, but I don't know it yet. Greetings, Juergen. -- Juergen Nickelsen <ni@tellique.de> Tellique Kommunikationstechnik GmbH Gustav-Meyer-Allee 25, 13355 Berlin, Germany Tel. +49 30 46307-552 / Fax +49 30 46307-579 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?362F773A.AB9F196B>