The most common solution you'll see on this list is the establishment of a
DMZ by adding a third Network Card to the Firewall.
|
Internet
|
Router
|
Firewall - - - DMZ - - - SMTP Host
|
Intranet
This way if your SMTP Host is compromised your internal network isn't.
-----Original Message-----
From: Geoff Smith [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, September 15, 1999 3:27 PM
To: [EMAIL PROTECTED]
Subject: Implementation question
I'm new to all this Security stuff, so this is probably
an old question, but here it is, anyway:
Should a mail server be inside or outside a firewall?
Here's why I ask.
1) If it's outside, people could break in and get mail until
that mail is removed from the server (either by automated
automated process or the user).
2) If it's inside, I'd forward port 25 to another machine
inside where someone might be able to exploit the MTA to
get access to stuff inside the Firewall.
Do I misunderstand the problem?
Thanks for any insight...
Norm!
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]